The company will use the investment to accelerate development of its autonomous virtual security operations center (vSOC).
The post RADICL Raises $31 Million for vSOC appeared first on SecurityWeek.
Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware.
The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek.
ShinyHunters has claimed the theft of 14 million records from the US bakery-cafe chainβs systems.
The post Hackers Leak 5.1 Million Panera Bread Records appeared first on SecurityWeek.
The company will invest in market expansion and accelerating product capabilities.
The post Kasada Raises $20 Million for Anti-Bot Expansion appeared first on SecurityWeek.
Hackers rely on evolved vishing and login harvesting to compromise SSO credentials for unauthorized MFA enrollment.
The post ShinyHunters-Branded Extortion Activity Expands, Escalates appeared first on SecurityWeek.
A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader.
The post Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack appeared first on SecurityWeek.
Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor.
The post Over 1,400 MongoDB Databases Ransacked by Threat Actor appeared first on SecurityWeek.
The next major Windows Server and Windows releases will have the deprecated authentication protocol disabled by default.
The post Microsoft Moves Closer to Disabling NTLM appeared first on SecurityWeek.
Hackers compromised a MicroWorld Technologies update server and fed a malicious file to eScan customers.
The post eScan Antivirus Delivers Malware in Supply Chain Attack appeared first on SecurityWeek.
Among them, 23,000 hosts were persistently responsible for the majority of activity observed over 293 days of scanning.
The post 175,000 Exposed Ollama Hosts Could Enable LLM Abuse appeared first on SecurityWeek.
Android users were lured to applications that served a malicious payload hosted in a Hugging Face repository.
The post Hugging Face Abused to Deploy Android RAT appeared first on SecurityWeek.
The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely.
The post Ivanti Patches Exploited EPMM Zero-Days appeared first on SecurityWeek.
An LLMjacking operation has been targeting exposed LLMs and MCPs at scale, for commercial monetization.
The post LLMs Hijacked, Monetized in βOperation Bizarre Bazaarβ appeared first on SecurityWeek.
The two bugs impacted n8nβs sandbox mechanism and could be exploited via weaknesses in the AST sanitization logic.
The post N8n Vulnerabilities Could Lead to Remote Code Execution appeared first on SecurityWeek.
The four critical flaws could be exploited without authentication for remote code execution or authentication bypass.
The post SolarWinds Patches Critical Web Help Desk Vulnerabilities appeared first on SecurityWeek.
One of the largest residential proxy networks, IPIDEA enrolled devices through SDKs for mobile and desktop.
The post Google Disrupts IPIDEA Proxy NetworkΒ appeared first on SecurityWeek.
The investment will allow Mesh to advance its autonomous, agentic capabilities, and scale sales and customer support efforts.
The post Mesh Security Raises $12 Million for CSMA Platform appeared first on SecurityWeek.
New Strict Account Settings allow users to block attachments and media and silence calls from unknown people.
The post WhatsApp Boosts Account Security for At-Risk Individuals appeared first on SecurityWeek.
Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025.
The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek.
Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts.
The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek.
Login
