Security Week

The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply.

The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.

Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust.

The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.

A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals.

The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.

The malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more.

The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek.

RansomHouse has published several screenshots to demonstrate access to internal Trellix services.

The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.

Lax extension permissions and improper trust implementation allow attackers to inject prompts in the Claude Chrome extension.

The post Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover appeared first on SecurityWeek.

CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code.

The post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.