SecurityWeek

Very few people in the cybersecurity industry do not know, or know of, Bryson Bort. Yes, he’s the CEO/Founder of SCYTHE, but he’s also the co-founder of ICS Village (the next one at RSA Conference from April 28 to May 1, 2025). This event, and all of our industry’s attention on critical infrastructure, is pivotal […]

The post Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure appeared first on SecurityWeek.

Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet.

The post Europol Targets Customers of Smokeloader Pay-Per-Install Botnet appeared first on SecurityWeek.

Trump orders a termination of any active security clearances held by Krebs and a suspension of clearances held by individuals at SentinelOne.

The post Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs appeared first on SecurityWeek.

Juniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies.

The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek.

Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows.

The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek.

GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications.

The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek.

Researchers find vulnerabilities that can be exploited to remotely take control of a Nissan Leaf’s functions, including physical controls.

The post Nissan Leaf Hacked for Remote Spying, Physical Takeover appeared first on SecurityWeek.

Sensata has informed the SEC that shipping, manufacturing and other operations have been impacted by a ransomware attack.

The post Operations of Sensor Giant Sensata Disrupted by Ransomware Attack appeared first on SecurityWeek.

CAPTCHA-evading Python framework AkiraBot has spammed over 80,000 websites with AI-generated spam messages.

The post ‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages appeared first on SecurityWeek.

Google plans to unleash automated AI agents into overtaxed SOCs to reduce the manual workload for cybersecurity investigators.

The post Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools appeared first on SecurityWeek.

The greatest security policies in the world are useless if enterprises don’t have a reasonable, consistent, and reliable way to implement them.

The post Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy appeared first on SecurityWeek.

Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows.

The post AI Now Outsmarts Humans in Spear Phishing, Analysis Shows appeared first on SecurityWeek.

French cybersecurity startup Qevlar AI has raised $10 million in a funding round led by EQT Ventures and Forgepoint Capital International.

The post Qevlar AI Raises $10 Million for Autonomous Investigation Platform appeared first on SecurityWeek.

The Office of the Comptroller of the Currency (OCC) has disclosed an email security incident in which 100 accounts were compromised for over a year. 

The post Treasury’s OCC Says Hackers Had Access to 150,000 Emails appeared first on SecurityWeek.

CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.

The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek.

Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.

The post Vulnerabilities Patched by Ivanti, VMware, Zoom  appeared first on SecurityWeek.

Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords.

The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek.

Oracle is sending out written notifications to customers over the recent hack after it initially appeared to completely deny a data breach.

The post Oracle Faces Mounting Criticism as It Notifies Customers of Hack appeared first on SecurityWeek.

Industrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories.

The post ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider appeared first on SecurityWeek.

Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild.

The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek.