Luxury brands were among the dozens of major companies whose Salesforce instances were targeted by Scattered LAPSUS$ Hunters.
The post Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches appeared first on SecurityWeek.
Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era
Password-based authentication is increasingly risky as organizations adopt passkeys to strengthen security and meet ISO/IEC 27001 requirements. Passwork explains how to align passwordless adoption with Annex A controls, risk assessments, and secure implementation practices. […]
Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security
The latest Android version continues to improve security and privacy, according to its developers.
The post Android 17 Beta Strengthens Secure-by-Default Design for Privacy and App Security appeared first on SecurityWeek.
CISA Navigates DHS Shutdown With Reduced Staff
CISA is currently operating at roughly 38% capacity (888 out of 2,341 staff) due to the DHS shutdown that began February 14, 2026.
The post CISA Navigates DHS Shutdown With Reduced Staff appeared first on SecurityWeek.
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question.
Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path
Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path
CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
CISA ordered U.S. government agencies on Friday to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days. […]
Microsoft Warns of ClickFix Attack Abusing DNS Lookups
Attackers are using DNS requests to deliver a RAT named ModeloRAT to targeted users.
The post Microsoft Warns of ClickFix Attack Abusing DNS Lookups appeared first on SecurityWeek.
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud
Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation Breakfast: How Mission-Oriented Science and Innovation Programmes Will Address Societal Challenges’.
Technologies are evolving fast, reshaping economies, governance, and daily life. Yet, as innovation accelerates, so do digital risks. Technological change is no longer
Amazon Scraps Partnership With Surveillance Company After Super Bowl Ad Backlash
Amazon’s smart doorbell maker Ring has terminated a partnership with police surveillance tech company Flock Safety.
The post Amazon Scraps Partnership With Surveillance Company After Super Bowl Ad Backlash appeared first on SecurityWeek.
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that’s being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices.
“The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spyware
“The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spyware