SecurityWeek
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks
The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password.
The post Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks appeared first on SecurityWeek.
Google Patches 5th Chrome Zero-Day Exploited in 2026
The vulnerability is tracked as CVE-2026-11645 and it was reported in late April by an anonymous researcher.
The post Google Patches 5th Chrome Zero-Day Exploited in 2026 appeared first on SecurityWeek.
A Security Raises $37 Million for Autonomous Offensive Security Platform
The company founded by Yossi Torati, Omer Gull, and Yuval Itzchakov has emerged from stealth mode.
The post A Security Raises $37 Million for Autonomous Offensive Security Platform appeared first on SecurityWeek.
Everybody Is Vibe Coding But Nobody Told the Security Team
AI-driven development is not something organizations can or should block. But it must be governed.
The post Everybody Is Vibe Coding But Nobody Told the Security Team appeared first on SecurityWeek.
WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
The Meta-owned communications app is filing a federal court contempt order against NSO.
The post WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler.
The post Cybersecurity M&A Roundup: 26 Deals Announced in May 2026 appeared first on SecurityWeek.
Everest Forms Vulnerability Exploited to Hack WordPress Sites
The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months.
The post Everest Forms Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
174,000 Impacted by Lansing Community College Data Breach
Hackers accessed personal information stored on certain Lansing Community College systems in February 2025.
The post 174,000 Impacted by Lansing Community College Data Breach appeared first on SecurityWeek.
Silent Ransom Group Uses DNS Fast Flux in Attacks
Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure.
The post Silent Ransom Group Uses DNS Fast Flux in Attacks appeared first on SecurityWeek.
OpenAI Rolling Out ChatGPT Account Security Controls
The Active Sessions and Lockdown Mode features are being made more broadly available by the AI giant.
The post OpenAI Rolling Out ChatGPT Account Security Controls appeared first on SecurityWeek.
Anthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks Grow
The proposed coordination would let advanced AI labs verify that global rivals have actually stopped or slowed their work.
The post Anthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks Grow appeared first on SecurityWeek.
SolarWinds Serv-U Vulnerability Exploited in the Wild
Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service.
The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse
The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool.
The post Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse appeared first on SecurityWeek.
Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation
Emphere’s solution delivers AI-driven remediation to software companies to speed up releases.
The post Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation appeared first on SecurityWeek.
Opal Security Raises $23 Million for AI-Native Identity Governance
Raising $59 million to date, Opal also announced five senior leadership appointments.
The post Opal Security Raises $23 Million for AI-Native Identity Governance appeared first on SecurityWeek.
OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds
CVE Lite CLI is a free, open-source command line tool that scans your projects in seconds and tells you exactly which included packages contain a vulnerability.
The post OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds appeared first on SecurityWeek.
In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA
Other noteworthy stories that might have slipped under the radar: Ultrahuman data leak, The Gentlemen ransomware analysis, Hola Browser bundles miner.
The post In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA appeared first on SecurityWeek.
Hackers Leak DentaQuest Information Impacting 2.6 Million
The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator.
The post Hackers Leak DentaQuest Information Impacting 2.6 Million appeared first on SecurityWeek.
Chrome 149 Patches 429 Vulnerabilities
Over 100 bugs are critical or high-severity, mainly use-after-free and insufficient validation of untrusted input flaws.
The post Chrome 149 Patches 429 Vulnerabilities appeared first on SecurityWeek.
Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday
Experts commented on the EO’s voluntary nature, the balance between innovation and security, and potential implementation gaps.
The post Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek.