Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities
Google on Monday announced its latest Android update, which includes patches for 124 vulnerabilities, including a zero-day that has been exploited in targeted attacks. The…
Category: SecurityWeek
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
Six Microsoft 365 Android apps contain an identical flaw that could risk billions of downloads being compromised. The findings, shared exclusively with SecurityWeek ahead of…
Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks
President Donald Trump signed an executive order on oversight of artificial intelligence Tuesday, less than two weeks after postponing a White House ceremony over his…
Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis
Two reports offer differing viewpoints. One suggests a failure of tools to provide what security teams really need. The other suggests the tools exist but…
The Zero-Knowledge Threat Actor and the End of Responsible Disclosure
One of the most dangerous outcomes of the rise of AI in cybersecurity is the rise of the zero-knowledge threat actor. A threat actor who…
Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
Password management and credential security solutions provider Dashlane revealed on Monday that it has been targeted in a brute-force attack campaign that resulted in a…
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Threat actors are exploiting a critical-severity Windows Netlogon vulnerability for remote code execution, Centre for Cybersecurity Belgium (CCB) warns. Tracked as CVE-2026-41089 (CVSS score of…
WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites
Threat actors are exploiting a critical-severity vulnerability in the WP Maps Pro WordPress plugin to take over websites, Defiant warns. WP Maps Pro allows site…
Dutch Police Dismantle Massive 17-Million-Device Botnet
Dutch police say they have disrupted a massive botnet consisting of 17 million infected computers, smartphones, and tablets. According to the authorities, the botnet was…
Dragos Acquires xIoT Security Firm Phosphorus
Industrial cybersecurity firm Dragos has acquired xIoT security specialist Phosphorus, a move aimed at strengthening its ability to help organizations secure and manage the growing…
Exploit Code Published for Critical Flowise RCE Vulnerability
Obsidian Security has released technical information and proof-of-concept (PoC) code targeting a remote code execution (RCE) vulnerability in Flowise. The issue, tracked as CVE-2026-40933 (CVSS…
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say
Russia’s intelligence agencies have grown more aggressive in their efforts to steal Western technology and defense secrets as sanctions squeeze the country’s wartime economy, three…