Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management
It’s easy to drown in a sea of data where every vulnerability or misconfiguration is deemed important. If everything is deemed a priority, nothing actually…
Category: SecurityWeek
MATLAB Maker MathWorks Recovering From Ransomware Attack
Software maker MathWorks this week confirmed that a widespread outage that has impacted its applications since May 18 was the result of a ransomware attack.…
364,000 Impacted by Data Breach at LexisNexis Risk Solutions
Data broker giant LexisNexis Risk Solutions (LNRS) is notifying more than 364,000 people that their personal information was stolen in a December 2024 data breach.…
Czech Government Condemns Chinese Hack on Critical Infrastructure
The Czech government delivered a pointed warning to China on Wednesday, publicly attributing a years-long intrusion in the foreign ministry’s networks to APT31, a cyber-espionage…
Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites
Over the past year, a threat actor has been banking on the wild popularity of AI tools to lure computer users to fake content creation…
Cerby Raises $40 Million for Identity Automation Platform
Identity security automation platform startup Cerby on Wednesday announced raising $40 million in a Series B funding round that brings the total raised by the…
OneDrive Gives Web Apps Full Read Access to All Files
Excessive permissions and ambiguous consent statements may provide web apps uploading files to OneDrive with read access to all user files rather than just those…
Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities
Google and Mozilla on Tuesday announced the release of Chrome 137 and Firefox 139, with patches for a total of 21 vulnerabilities between the two…
The Root of AI Hallucinations: Physics Theory Digs Into the ‘Attention’ Flaw
No-one really understands how AI works or when and why it doesn’t. But the application of first-principle physics theory to the working of AI’s Attention…
Vulnerabilities in CISA KEV Are Not Equally Critical: Report
Security flaws in CISA’s Known Exploited Vulnerabilities (KEV) catalog should be treated with urgency based on environmental context assessments, according to a new report from…
$223 Million Stolen in Cetus Protocol Hack
A vulnerability in the smart contract for liquidity pools allowed hackers to steal roughly $223 million in virtual assets from cryptocurrency exchange Cetus Protocol. The…
Zscaler to Acquire MDR Specialist Red Canary
Zscaler on Tuesday signaled a big push into the security-operations market with the announcement of plans to buy Denver-based managed detection and response (MDR) specialist…