Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event)
CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared first on SecurityWeek. more…In Other News: Critical Zoom Flaw, City’s Water Threatened by Hack, $330 Billion OT Cyber Risk
Other noteworthy stories that might have slipped under the radar: Canada’s House of Commons hacked, Russia behind court system attack, Pennsylvania AG targeted in cyberattack. The post In Other News: Critical Zoom Flaw, City’s Water Threatened by Hack, $330 Billion OT Cyber Risk appeared first on SecurityWeek. more…Inside the Dark Web’s Access Economy: How Hackers Sell the Keys to Enterprise Networks
Rapid7’s analysis of dark web forums reveals a thriving market where elite hackers sell corporate network access to buyers, turning cybercrime into a streamlined business. The post Inside the Dark Web’s Access Economy: How Hackers Sell the Keys to Enterprise Networks appeared first on SecurityWeek. more…Now Live: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event)
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post Now Live: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared first on SecurityWeek. more…Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise
Researchers demonstrate how multi-turn “storytelling” attacks bypass prompt-level filters, exposing systemic weaknesses in GPT-5’s defenses. The post Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise appeared first on SecurityWeek. more…CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds appeared first on SecurityWeek. more…Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector
As attackers target help desks and identity systems, traditional security perimeters are proving insufficient against agile, socially-engineered threats. The post Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector appeared first on SecurityWeek. more…Major Enterprise AI Assistants Can Be Abused for Data Theft, Manipulation
Zenity has shown how AI assistants such as ChatGPT, Copilot, Cursor, Gemini, and Salesforce Einstein can be abused using specially crafted prompts. The post Major Enterprise AI Assistants Can Be Abused for Data Theft, Manipulation appeared first on SecurityWeek. more…Enterprise Secrets Exposed by CyberArk Conjur Vulnerabilities
CyberArk has patched several vulnerabilities that could be chained for unauthenticated remote code execution. The post Enterprise Secrets Exposed by CyberArk Conjur Vulnerabilities appeared first on SecurityWeek. more…WhatsApp Takes Down 6.8 Million Accounts Linked to Criminal Scam Centers, Meta Says
Meta linked these scams to a criminal scam center in Cambodia — and said it disrupted the campaign in partnership with ChatGPT maker OpenAI. The post WhatsApp Takes Down 6.8 Million Accounts Linked to Criminal Scam Centers, Meta Says appeared first on SecurityWeek. more…Chinese Researchers Suggest Lasers and Sabotage to Counter Musk’s Starlink Satellites
Chinese military and cyber researchers are intensifying efforts to counter Elon Musk’s Starlink satellite network, viewing it as a potential tool for U.S. military power across nuclear, space, and cyber domains. The post Chinese Researchers Suggest Lasers and Sabotage to Counter Musk’s Starlink Satellites appeared first on SecurityWeek. more…Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics
Multiple financially motivated threat actors are targeting backup systems and employing Scattered Spider’s social engineering techniques. The post Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics appeared first on SecurityWeek. more…Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications
Base44 owner Wix quickly patched a critical authentication bypass vulnerability discovered by researchers at Wiz. The post Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications appeared first on SecurityWeek. more…Tea App Takes Messaging System Offline After Second Security Issue Reported
Tea has said about 72,000 images were leaked online in the initial incident, and another 59,000 images publicly viewable in the app from posts, comments and direct messages were also accessed. The post Tea App Takes Messaging System Offline After Second Security Issue Reported appeared first on SecurityWeek. more…Scattered Spider Targeting VMware vSphere Environments
The financially motivated group is pivoting from Active Directory to VMware vSphere environments, deploying ransomware from the hypervisor. The post Scattered Spider Targeting VMware vSphere Environments appeared first on SecurityWeek. more…Mitel Patches Critical Flaw in Enterprise Communication Platform
An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system. The post Mitel Patches Critical Flaw in Enterprise Communication Platform appeared first on SecurityWeek. more…More information
- Google releases Android Device Manager app
- Phishers target middle management
- Why ‘I forgot my password’ won’t go down well with a judge
- The Age of the Drone Police Is Here
- US Election: Official Probe Slams Clinton’s Private Email Use
- ‘Surveillance minimization’ needed to restore trust
- Duckduckgo launches privacy browser beta for macOS
- Update: ANGEL File Move
- Microsoft: Patch for critical IE zero-day bug coming Friday
- Potential Phantom Menace found on Twitter: a Star Wars botnet