SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of ...

Enterprise software maker SAP on Tuesday announced the release of 14 new security notes as part of its January 2025 Patch Day ...

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products.

Attackers have been exploiting a second vulnerability in BeyondTrust’s remote management solutions, CISA warns.

Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been ...

Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments.

According to a whitepaper from Redmond’s AI red team, tools like its open source PyRIT (Python Risk Identification Toolkit) ...

A threat actor has been observed abusing compromised AWS keys to encrypt data in S3 buckets and demand a ransom payment in exchange for the encryption keys, cybersecurity firm Halcyon reports. As part ...

Infostealer malware allowed threat actors to compromise Telefonica employees’ credentials and access the company’s internal ticketing system.

A fake proof-of-concept (PoC) exploit for a recent LDAP vulnerability distributes information stealer malware.

Chinese cyberspies targeted offices dealing with foreign investments and sanctions in the recent US Treasury hack.

Juniper Networks has patched multiple high-severity vulnerabilities in Junos OS and its third-party components.