Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
CFOs and boards need to understand risk in financial terms. Insurance data can do this. Obtaining adequate cybersecurity budget from the board requires translating technical…
Category: SecurityWeek
Robinhood Vulnerability Exploited for Phishing Attacks
Investing and trading platform Robinhood has confirmed that cybercriminals exploited a vulnerability in its account creation process to send out legitimate-looking phishing emails. Many Robinhood…
Spectrum Security Emerges From Stealth Mode With $19 Million
Threat detection startup Spectrum Security has emerged from stealth mode with $19 million in seed funding. The investment round was led by TechOperators, with additional…
Energy and Water Management Firm Itron Hacked
US-based energy and water management solutions provider Itron has launched an investigation after hackers gained access to some of its systems. Itron helps utilities and…
Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google
Google has analyzed AI indirect prompt injection attempts involving sites on the public web and noticed an increase in malicious attacks over the past months,…
OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
OpenSSH versions released over the past 15 years are affected by a vulnerability leading to full root shell access, and attacks cannot be spotted via…
Incomplete Windows Patch Opens Door to Zero-Click Attacks
Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click attacks, Akamai reports. The initial vulnerability, tracked…
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
A recently discovered threat actor has been observed bombarding victims with emails and impersonating IT support to convince them to execute malicious code, Google Threat…
Copperhelm Raises $7 Million for Agentic Cloud Security Platform
Israel-based Copperhelm on Thursday emerged from stealth mode, having raised $7 million in seed funding for its agentic cloud security platform. The funding round was…
Bitwarden NPM Package Hit in Supply Chain Attack
The Bitwarden command-line interface (CLI) NPM package was compromised in a supply chain attack that appears tied to previous campaigns against the open source software…
Vulnerabilities Patched in CrowdStrike, Tenable Products
CrowdStrike and Tenable informed customers this week about potentially serious vulnerabilities found and patched in their products. CrowdStrike published an advisory for CVE-2026-40050, a critical…
US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor
At least one US federal agency was infected with a backdoor as part of a widespread China-linked espionage campaign targeting Cisco firewalls. In May 2024,…