The company will use the investment to accelerate product development and grow go-to-market efforts. The post Cloudsmith Raises $72 Million in Series C Funding appeared first on SecurityWeek.
Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked for deletion to remain stored on a device. The fix was delivered in iOS 26.4.2 / iPadOS 26.4.2 and iOS 18.7.8 / iPadOS 18.7.8, where Apple says the problem was resolved through improved data redaction. […]
360 Digital Security Group claims to have uncovered 1,000 vulnerabilities using AI, including at the Tianfu Cup hacking contest. The post Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos appeared first on SecurityWeek.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-39987 Marimo Remote Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […]
The company will hire new talent and expand operations across the US and other allied countries. The post Rilian Raises $17.5 Million for AI-Native Security Orchestration appeared first on SecurityWeek.
New analysis from Abnormal AI reveals how attackers have abandoned technical exploits to weaponize routine workflows and internal trust. The post The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface appeared first on SecurityWeek.
The company is notifying My Rituals members that hackers downloaded part of their data, including names and addresses. The post Luxury Cosmetics Giant Rituals Discloses Data Breach appeared first on SecurityWeek.
Microsoft has released out-of-band updates for CVE-2026-40372, a high-impact ASP.NET Core privilege-escalation vulnerability tied to the platform’s Data Protection cryptographic APIs. Public reporting says the flaw carries a CVSS score of 9.1 and could allow an unauthenticated attacker to forge authentication material and ultimately obtain SYSTEM privileges on affected systems. The issue stands out not […]
Palo Alto Networks has developed Zealot, a multi-agent penetration testing PoC capable of reconnaissance, exploitation, and exfiltration. The post AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers appeared first on SecurityWeek.
How OSINT is Used in Cybersecurity (Real-World Use Cases) In 2018, investigators at Bellingcat unmasked 305 officers from Russia’s military intelligence unit, GRU Unit 26165, using nothing but a public vehicle registration database and a Moscow address. No classified leaks. No hacking. Just open-source data, read carefully. That story captures what OSINT is and why […]