Security Week
Nick Andersen Appointed Acting Director of CISA
Madhu Gottumukkala has been assigned to a new role within the Department of Homeland Security.
The post Nick Andersen Appointed Acting Director of CISA appeared first on SecurityWeek.
AWS Expands Security Hub Into a Cross-Domain Security Platform
The AWS Security Hub Extended plan aims to reduce security tool sprawl by correlating findings across multiple security domains.
The post AWS Expands Security Hub Into a Cross-Domain Security Platform appeared first on SecurityWeek.
North Korean APT Targets Air-Gapped Systems in Recent Campaign
Using Windows shortcut files, the APT deployed a new implant, a loader, a propagation tool, and two backdoors.
The post North Korean APT Targets Air-Gapped Systems in Recent Campaign appeared first on SecurityWeek.
Google Working Towards Quantum-Safe Chrome HTTPS Certificates
The internet giant is developing an evolution of the certificates based on Merkle Tree Certificates (MTCs).
The post Google Working Towards Quantum-Safe Chrome HTTPS Certificates appeared first on SecurityWeek.
US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates
Both sides conduct hacking and other attacks, including the deployment of wiper malware, DDoS, and disruptions to critical infrastructure.
The post US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates appeared first on SecurityWeek.
Hackers Weaponize Claude Code in Mexican Government Cyberattack
The AI was abused to write exploits, create tools, and automatically exfiltrate over 150GB of data.
The post Hackers Weaponize Claude Code in Mexican Government Cyberattack appeared first on SecurityWeek.
Canadian Tire Data Breach Impacts 38 Million Accounts
Names, addresses, email addresses, phone numbers, and encrypted passwords were compromised in the attack.
The post Canadian Tire Data Breach Impacts 38 Million Accounts appeared first on SecurityWeek.
Trump Orders All Federal Agencies to Phase Out Use of Anthropic Technology
OpenAI and Google, along with Elon Musk’s xAI, also have contracts to supply their AI models to the military.
The post Trump Orders All Federal Agencies to Phase Out Use of Anthropic Technology appeared first on SecurityWeek.
In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators
Other noteworthy stories that might have slipped under the radar: cyber valuations surge, OpenAI disrupts malicious AI use, ShinyHunters claims Odido breach.
The post In Other News: ATT&CK Advisory Council, Russian Cyberattacks Aid Missile Strikes, Predator Bypasses iOS Indicators appeared first on SecurityWeek.
38 Million Allegedly Impacted by ManoMano Data Breach
Hackers stole personal information such as names, email addresses, phone numbers, and other information.
The post 38 Million Allegedly Impacted by ManoMano Data Breach appeared first on SecurityWeek.
900 Sangoma FreePBX Instances Infected With Web Shells
The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface.
The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek.
Chilean Carding Shop Operator Extradited to US
The 24-year-old suspect has been accused of trafficking over 26,000 cards from a single brand.
The post Chilean Carding Shop Operator Extradited to US appeared first on SecurityWeek.
Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline
Anthropic said it sought narrow assurances from the Pentagon that Claude won’t be used for mass surveillance of Americans or in fully autonomous weapons.
The post Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline appeared first on SecurityWeek.
Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience
Aeternum operates on smart contracts, making its command-and-control (C&C) infrastructure difficult to disrupt.
The post Aeternum Botnet Loader Employs Polygon Blockchain C&C to Boost Resilience appeared first on SecurityWeek.
Juniper Networks PTX Routers Affected by Critical Vulnerability
An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902.
The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek.
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking
CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio.
The post Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking appeared first on SecurityWeek.
Apple iPhone and iPad Cleared for Classified NATO Use
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
The post Apple iPhone and iPad Cleared for Classified NATO Use appeared first on SecurityWeek.
Four Risks Boards Cannot Treat as Background Noise
The goal isn’t about preventing every attack but about keeping the business running when attacks succeed.
The post Four Risks Boards Cannot Treat as Background Noise appeared first on SecurityWeek.
Claude Code Flaws Exposed Developer Devices to Silent Hacking
Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files.
The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek.
Gambit Security Emerges From Stealth With $61 Million in Funding
The seed and Series A investment will enable the startup to accelerate product development and expand sales and customer success teams.
The post Gambit Security Emerges From Stealth With $61 Million in Funding appeared first on SecurityWeek.