Security Week
F5 Patches Over 50 Vulnerabilities
The company’s latest quarterly advisory describes high and medium-severity issues in BIG-IP, BIG-IQ, and NGINX.
The post F5 Patches Over 50 Vulnerabilities appeared first on SecurityWeek.
Hackers Targeted PraisonAI Vulnerability Hours After Disclosure
The first exploitation attempts were observed less than four hours after the authentication bypass was publicly disclosed.
The post Hackers Targeted PraisonAI Vulnerability Hours After Disclosure appeared first on SecurityWeek.
High-Severity Vulnerability Patched in VMware Fusion
The patch was announced as Broadcom is attending the Pwn2Own hacking competition in Berlin this week.
The post High-Severity Vulnerability Patched in VMware Fusion appeared first on SecurityWeek.
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System.
The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek.
Foxconn Confirms North American Factories Hit by Cyberattack
The Nitrogen ransomware group claims to have hacked the company’s systems, stealing 8TB of data, including confidential documents.
The post Foxconn Confirms North American Factories Hit by Cyberattack appeared first on SecurityWeek.
Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on Their Own Code
Microsoft’s MDASH discovered 16 of the Patch Tuesday vulnerabilities, and Palo Alto used Mythos to find dozens of flaws.
The post Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on Their Own Code appeared first on SecurityWeek.
Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’
New “Sweet Attack” platform uses runtime intelligence and continuous agentic red teaming to identify exploitable attack chains human teams may miss.
The post Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’ appeared first on SecurityWeek.
Webinar Today: ROI for Cyber-Physical Security Programs
This webinar will help OT security teams and asset owners stop being cost centers and start being resilience drivers.
The post Webinar Today: ROI for Cyber-Physical Security Programs appeared first on SecurityWeek.
Government to Scrutinize Instructure Over Canvas Disruption, Data Breach
The Committee on Homeland Security has requested to be briefed on the incident and Instructure’s remediation steps.
The post Government to Scrutinize Instructure Over Canvas Disruption, Data Breach appeared first on SecurityWeek.
716,000 Impacted by OpenLoop Health Data Breach
The telehealth platform was hacked in January, and users’ personal information was exfiltrated from its systems.
The post 716,000 Impacted by OpenLoop Health Data Breach appeared first on SecurityWeek.
Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises
CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”.
The post Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises appeared first on SecurityWeek.
Fortinet, Ivanti Patch Critical Vulnerabilities
Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure.
The post Fortinet, Ivanti Patch Critical Vulnerabilities appeared first on SecurityWeek.
Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities
The two chip giants have published over two dozen advisories describing recently identified security defects.
The post Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities appeared first on SecurityWeek.
Hundreds of Malicious Packages Force RubyGems to Suspend Registrations
More than 500 packages were pushed during the attack, but the target appears to have been RubyGems itself rather than users.
The post Hundreds of Malicious Packages Force RubyGems to Suspend Registrations appeared first on SecurityWeek.
ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA
Many ICS vendors have not released new advisories for the May 2026 Patch Tuesday.
The post ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA appeared first on SecurityWeek.
Microsoft Patches 137 Vulnerabilities
Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence.
The post Microsoft Patches 137 Vulnerabilities appeared first on SecurityWeek.
Exaforce Raises $125 Million for Agentic SOC Platform
Exaforce has raised a total of $200 million and plans on using the latest investment for product development and international expansion.
The post Exaforce Raises $125 Million for Agentic SOC Platform appeared first on SecurityWeek.
Adobe Patches 52 Vulnerabilities in 10 Products
While none of the flaws have been exploited in the wild, many of them could lead to arbitrary code execution.
The post Adobe Patches 52 Vulnerabilities in 10 Products appeared first on SecurityWeek.
White Circle Raises $11 Million for AI Control Platform
The startup will invest in accelerating product development, hiring new talent, and expanding its customer base.
The post White Circle Raises $11 Million for AI Control Platform appeared first on SecurityWeek.
BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months
Threat actors obtained names and contact information for an unspecified number of BWH Hotels guests.
The post BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months appeared first on SecurityWeek.