Latest Cybersecurity News and Articles
01 August 2025
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them
The junk food problem in cybersecurity
Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS watches—but fuels their
01 August 2025
Safe has raised $70 million in Series C funding to advance cyber risk management through specialized AI agents.
The post Cyber Risk Management Firm Safe Raises $70 Million appeared first on SecurityWeek.
01 August 2025
Echo received funding for creating thousands of container images that are not affected by any CVE, for enterprise-grade software infrastructure.
The post Echo Raises $15M in Seed Funding for Vulnerability-Free Container Images appeared first on SecurityWeek.
01 August 2025
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations.
The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and AK47DNS, respectively, by
01 August 2025
Two US senators introduced a bipartisan bill to help prepare federal government agencies for quantum computing threats.
The post Bill Aims to Create National Strategy for Quantum Cybersecurity Migration appeared first on SecurityWeek.
01 August 2025
Meta is sponsoring ZDI’s Pwn2Own hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits.
The post $1 Million Offered for WhatsApp Exploit at Pwn2Own Ireland 2025 appeared first on SecurityWeek.
01 August 2025
Scattered Spider is evolving tactics and targeting new sectors.
31 July 2025
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow.
"ApolloShadow has the capability to install a trusted root certificate to
31 July 2025
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses.
"Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the moment of click,"
31 July 2025
Noma Security has announced a Series B funding round that will enable the company’s growth and expansion of its AI agent security solutions.
The post Noma Security Raises $100 Million for AI Security Platform appeared first on SecurityWeek.
31 July 2025
Chinese military and cyber researchers are intensifying efforts to counter Elon Musk’s Starlink satellite network, viewing it as a potential tool for U.S. military power across nuclear, space, and cyber domains.
The post Chinese Researchers Suggest Lasers and Sabotage to Counter Musk’s Starlink Satellites appeared first on SecurityWeek.
31 July 2025
Reach Security has received a $10 million strategic investment from M12 to advance its domain-specific AI approach for exposure management.
The post Reach Security Raises $10 Million for Exposure Management Solution appeared first on SecurityWeek.
31 July 2025
The tool includes resources to help organizations during the containment and eviction stages of incident response.
The post Open Source CISA Tool Helps Defenders With Hacker Containment, Eviction appeared first on SecurityWeek.
31 July 2025
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram.
"Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their
31 July 2025
Why context, behavioral baselines, and multi-source visibility are the new pillars of identity security in a world where credentials alone no longer cut it.
The post Who’s Really Behind the Mask? Combatting Identity Fraud appeared first on SecurityWeek.
31 July 2025
1 in 20 online identity verification attempts are fraudulent in the financial services sector.
31 July 2025
Wallarm has raised money in a Series C funding round led by Toba Capital, which brings the total raised by the company to over $70 million.
The post API Security Firm Wallarm Raises $55 Million appeared first on SecurityWeek.
31 July 2025
In an era when data needs to be recognized as an asset in order to transform as a business, retrieving value from data becomes the topmost priority.
31 July 2025
LayerX has disclosed an AI chatbot hacking method via web browser extensions it has named ‘man-in-the-prompt’.
The post Browser Extensions Pose Serious Threat to Gen-AI Tools Handling Sensitive Data appeared first on SecurityWeek.
31 July 2025
A recent report by Veracode revealed that while AI produces functional code, it introduces security vulnerabilities in 45% of cases.