Latest Cybersecurity News and Articles
05 August 2025
Cisco has disclosed a data breach affecting Cisco.com user accounts, including names, email address, and phone numbers.
The post Cisco Says User Data Stolen in CRM Hack appeared first on SecurityWeek.
05 August 2025
Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution.
The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to the fact that it exploits a quirk in the way the software handles modifications to Model
05 August 2025
Many companies are showcasing their products and services this week at the 2025 edition of the Black Hat conference in Las Vegas.
The post Black Hat USA 2025 – Summary of Vendor Announcements (Part 1) appeared first on SecurityWeek.
05 August 2025
As AI makes software development accessible to all, security teams face a new challenge: protecting applications built by non-developers at unprecedented speed and scale.
The post Vibe Coding: When Everyone’s a Developer, Who Secures the Code? appeared first on SecurityWeek.
05 August 2025
In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real exposure.
This confusion isn’t just semantics. It reflects a deeper misunderstanding of the shared responsibility model, particularly in SaaS environments where the line between vendor and customer
05 August 2025
Approov has raised $6.7 million in Series A funding to advance its mobile application and API security solutions.
The post Approov Raises $6.7 Million for Mobile App Security appeared first on SecurityWeek.
05 August 2025
Why do SOC teams still drown in alerts even after spending big on security tools? False positives pile up, stealthy threats slip through, and critical incidents get buried in the noise. Top CISOs have realized the solution isn’t adding more and more tools to SOC workflows but giving analysts the speed and visibility they need to catch real attacks before they cause damage.
Here’s how
05 August 2025
Android’s light August 2025 security update resolves an Adreno GPU vulnerability confirmed as exploited in June.
The post Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability appeared first on SecurityWeek.
05 August 2025
Research demonstrating high-impact cloud and AI security flaws will be rewarded at Microsoft’s Zero Day Quest competition in spring 2026.
The post Microsoft Offers $5 Million at Zero Day Quest Hacking Contest appeared first on SecurityWeek.
05 August 2025
Threat actors might be exploiting a zero-day vulnerability in SonicWall firewalls in a fresh wave of ransomware attacks.
The post SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation appeared first on SecurityWeek.
05 August 2025
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that's targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps.
"Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that combines phishing and malware to target users," CTM360 said. "The core tactic involves a deceptive
05 August 2025
SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025.
"Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSLVPN is enabled," the network security vendor said in a
04 August 2025
Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems.
The post Nvidia Triton Vulnerabilities Pose Big Risk to AI Models appeared first on SecurityWeek.
04 August 2025
A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers.
"When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution
04 August 2025
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer.
The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint
04 August 2025
CISA and FEMA announced two grants of more than $100 million for state, local, and tribal governments looking to improve cybersecurity.
The post US Announces $100 Million for State, Local and Tribal Cybersecurity appeared first on SecurityWeek.
04 August 2025
Cisco’s latest jailbreak method reveals just how easily sensitive data can be extracted from chatbots trained on proprietary or copyrighted content.
The post AI Guardrails Under Fire: Cisco’s Jailbreak Demo Exposes AI Weak Points appeared first on SecurityWeek.
04 August 2025
The US Senate voted to confirm Sean Cairncross as the National Cyber Director, five months after nominalization.
The post Sean Cairncross Confirmed by Senate as National Cyber Director appeared first on SecurityWeek.
04 August 2025
Almost half of Gen Z has a side hustle, the highest percentage of any other generation. This may leave them at higher risk of cyberattacks.
04 August 2025
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.