SecurityWeek
AI Now Outsmarts Humans in Spear Phishing, Analysis Shows
Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows.
The post AI Now Outsmarts Humans in Spear Phishing, Analysis Shows appeared first on SecurityWeek.
Qevlar AI Raises $10 Million for Autonomous Investigation Platform
French cybersecurity startup Qevlar AI has raised $10 million in a funding round led by EQT Ventures and Forgepoint Capital International.
The post Qevlar AI Raises $10 Million for Autonomous Investigation Platform appeared first on SecurityWeek.
Treasury’s OCC Says Hackers Had Access to 150,000 Emails
The Office of the Comptroller of the Currency (OCC) has disclosed an email security incident in which 100 accounts were compromised for over a year.
The post Treasury’s OCC Says Hackers Had Access to 150,000 Emails appeared first on SecurityWeek.
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.
The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek.
Vulnerabilities Patched by Ivanti, VMware, Zoom
Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.
The post Vulnerabilities Patched by Ivanti, VMware, Zoom appeared first on SecurityWeek.
Fortinet Patches Critical FortiSwitch Vulnerability
Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords.
The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek.
Oracle Faces Mounting Criticism as It Notifies Customers of Hack
Oracle is sending out written notifications to customers over the recent hack after it initially appeared to completely deny a data breach.
The post Oracle Faces Mounting Criticism as It Notifies Customers of Hack appeared first on SecurityWeek.
ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider
Industrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider appeared first on SecurityWeek.
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild.
The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek.
Adobe Calls Urgent Attention to Critical ColdFusion Flaws
The Adobe Patch Tuesday rollout covers 54 vulnerabilities, including code execution issues in the oft-targeted Adobe ColdFusion software.
The post Adobe Calls Urgent Attention to Critical ColdFusion Flaws appeared first on SecurityWeek.
Network Access Vendor Portnox Secures $37.5 Million Investment
Texas network access control startup closes a Series B round led by Updata Partners and brings the total raised to $60 million.
The post Network Access Vendor Portnox Secures $37.5 Million Investment appeared first on SecurityWeek.
Octane Raises $6.75M for Smart Contract Security Tech
San Francisco smart contract security startup closes a $6.75 million seed funding round led by Archetype and Winklevoss Capital.
The post Octane Raises $6.75M for Smart Contract Security Tech appeared first on SecurityWeek.
Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding
Spektion has emerged from stealth mode with $5 million in seed funding for its vulnerability management solution.
The post Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding appeared first on SecurityWeek.
DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks
While often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks.
The post DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks appeared first on SecurityWeek.
Anecdotes Raises $30 Million for Enterprise GRC Platform
Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million.
The post Anecdotes Raises $30 Million for Enterprise GRC Platform appeared first on SecurityWeek.
SAP Patches Critical Code Injection Vulnerabilities
SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws.
The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek.
Aurascape Banks Hefty $50 Million to Mitigate ‘Shadow AI’ Risks
Silicon Valley startup secures big investment from Menlo Ventures and Mayfield Fund to solve the “shadow AI” security problem.
The post Aurascape Banks Hefty $50 Million to Mitigate ‘Shadow AI’ Risks appeared first on SecurityWeek.
WhatsApp Vulnerability Could Facilitate Remote Code Execution
An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users.
The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek.
ESET Vulnerability Exploited for Stealthy Malware Execution
A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery.
The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek.
Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security
The new funds will be used to extend Corsha’s reach into critical infrastructure and further improve its own use of AI.
The post Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security appeared first on SecurityWeek.