Security Week

MokN's platform deploys realistic decoy access points to lure attackers into revealing compromised credentials, enabling organizations to respond before abuse occurs.

The post MokN Raises $15 Million for Phish-Back Platform appeared first on SecurityWeek.

The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names.

The post Gogs Zero-Day Exposes Servers to Remote Code Execution appeared first on SecurityWeek.

Attorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March.

The post California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach appeared first on SecurityWeek.

The browser update resolves critical-severity security defects that could potentially lead to remote code execution.

The post Chrome 148 Update Patches 151 Vulnerabilities appeared first on SecurityWeek.

Researchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate.

The post Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks appeared first on SecurityWeek.

The funding round was led by Balderton Capital, with additional support from Crosspoint Capital and previous investors General Catalyst and Ten Eleven Ventures.

The post Geordie Raises $30 Million for AI Security and Governance Platform appeared first on SecurityWeek.

Data breach leaves nearly 6 million Carnival customers navigating identity theft risks.

The post Carnival Data Breach Exposed 6 Million People appeared first on SecurityWeek.

Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access.

The post New BTMOB Android Malware Enables Full Device Takeover appeared first on SecurityWeek.

Fortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging immediate patching.

The post Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks appeared first on SecurityWeek.

Project Lightwell is designed to fix vulnerabilities without breaking what is already in production.

The post IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell” appeared first on SecurityWeek.

France-based startup Edamame says its runtime verification platform uses host telemetry and AI analysis to detect coding-agent “intent drift,” secret theft and supply-chain attacks in real time.

The post New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails appeared first on SecurityWeek.

The security flaw allowed attackers to pull private container images, exposing source code, credentials, and infrastructure.

The post Gitea Vulnerability Exposed 30,000 Deployments to Attacks appeared first on SecurityWeek.

CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.

The post Raising the Cybersecurity Stakes: Ante up for the Agentic Era appeared first on SecurityWeek.

New AI Threat Defense platform combines capabilities from Mandiant, Wiz and Gemini to help customers fight AI with AI.

The post Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks appeared first on SecurityWeek.

The speech is the latest in a string of warnings from intelligence experts that Russia is stepping up hostile activity in a “gray zone” that falls just below the threshold of war.

The post UK Cyberspying Chief Calls AI ‘an Unstoppable Force’ and Warns About Russia appeared first on SecurityWeek.

Novee researchers discovered an account takeover vulnerability in the open source CFP management tool Pretalx.

The post Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate appeared first on SecurityWeek.

Now in its third year, the AI Risk Summit is the leading conference that brings together CISOs, security leaders, AI researchers, developers, policymakers, and enterprise risk professionals.

The post SecurityWeek to Host AI Risk Summit August 11-12 at the Ritz-Carlton, Half Moon Bay appeared first on SecurityWeek.

Using an AI model called BinNet, RevEng hunts vulnerabilities and backdoors in released software binaries.

The post RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries appeared first on SecurityWeek.

Catalin Dragomir previously pleaded guilty to selling access to an Oregon state government office’s network.

The post Romanian Hacker Sentenced to Prison in US for Selling Access to State Network appeared first on SecurityWeek.

The new funding, led by BDC Capital’s StrongNorth Fund, will accelerate Lastwall’s North American expansion.

The post Lastwall Raises $11.5 Million for Quantum-Resilient Identity Platform appeared first on SecurityWeek.