SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
SecurityWeek

Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents

Palo Alto Networks has shared details about how its researchers weaponized AI agents built on Google Cloud’s Vertex AI ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
SecurityWeek

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors have started exploiting CVE-2026-21643, a critical vulnerability in Fortinet FortiClient EMS leading to remote ...
SecurityWeek

Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption

Google researchers have shown that breaking the encryption of cryptocurrencies such as Bitcoin and Ethereum requires 20x ...
SecurityWeek

StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs

A vulnerability in StrongSwan allows remote, unauthenticated attackers to take VPN services offline via crafted EAP-TTLS ...
SecurityWeek

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials are fueling ransomware, SaaS breaches, and nation-state attacks, as infostealers and AI drive a surge in ...
SecurityWeek

Venom Stealer Raises Stakes With Continuous Credential Harvesting

The Venom Stealer kit demonstrates both the improving sophistication of infostealers and the ongoing efficiency of the MaaS ...
SecurityWeek

The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust

Data integrity is no longer only about keeping data safe; it’s also about data trust. Organizations are asking, “Can we trust our data?” ...
SecurityWeek

Censys Raises $70 Million for Internet Intelligence Platform

Internet intelligence provider Censys announced raising $70 million in strategic funding, including Series D and debt ...
SecurityWeek

Lloyds Data Security Incident Impacts 450,000 Individuals

Lloyds Banking Group says the transaction details of nearly 450,000 mobile banking users were potentially exposed after a ...