Security Week
Microsoft Warns of ClickFix Attack Abusing DNS Lookups
Attackers are using DNS requests to deliver a RAT named ModeloRAT to targeted users.
The post Microsoft Warns of ClickFix Attack Abusing DNS Lookups appeared first on SecurityWeek.
Amazon Scraps Partnership With Surveillance Company After Super Bowl Ad Backlash
Amazon’s smart doorbell maker Ring has terminated a partnership with police surveillance tech company Flock Safety.
The post Amazon Scraps Partnership With Surveillance Company After Super Bowl Ad Backlash appeared first on SecurityWeek.
Google Patches First Actively Exploited Chrome Zero-Day of 2026
A Chrome 145 update fixes CVE-2026-2441, a vulnerability that can likely be exploited for arbitrary code execution.
The post Google Patches First Actively Exploited Chrome Zero-Day of 2026 appeared first on SecurityWeek.
Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data
With more than 37 million combined downloads, the extensions expose users to tracking and personal information theft.
The post Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data appeared first on SecurityWeek.
In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine
Other noteworthy stories that might have slipped under the radar: vulnerabilities at 277 water systems, DoD employee acting as money mule, 200 airports exposed by flaw.
The post In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine appeared first on SecurityWeek.
Check Point Announces Trio of Acquisitions Amid Solid 2025 Earnings Beat
Check Point has acquired Israeli cybersecurity companies Cyata, Cyclops, and Rotate.
The post Check Point Announces Trio of Acquisitions Amid Solid 2025 Earnings Beat appeared first on SecurityWeek.
Dutch Carrier Odido Discloses Data Breach Impacting 6 Million
Hackers stole personal information such as names, addresses, and phone numbers from a customer contact system.
The post Dutch Carrier Odido Discloses Data Breach Impacting 6 Million appeared first on SecurityWeek.
BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release
Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support.
The post BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release appeared first on SecurityWeek.
CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities
Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025.
The post CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities appeared first on SecurityWeek.
Chrome 145 Patches 11 Vulnerabilities
Three of the security defects are high-severity flaws, two of which were found and reported by Google.
The post Chrome 145 Patches 11 Vulnerabilities appeared first on SecurityWeek.
China Revives Tianfu Cup Hacking Contest Under Increased Secrecy
Rewards for exploits are reportedly much smaller than in the contest’s glory days.
The post China Revives Tianfu Cup Hacking Contest Under Increased Secrecy appeared first on SecurityWeek.
How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development
Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable.
The post How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development appeared first on SecurityWeek.
ApolloMD Data Breach Impacts 626,000 Individuals
The company says hackers stole the personal information of patients of affiliated physicians and practices.
The post ApolloMD Data Breach Impacts 626,000 Individuals appeared first on SecurityWeek.
Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards
Windows will have runtime safeguards enabled by default, ensuring that only properly signed software runs.
The post Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards appeared first on SecurityWeek.
Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns
Threat actors from Russia, China, North Korea and Iran have been observed launching attacks.
The post Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns appeared first on SecurityWeek.
Nucleus Raises $20 Million for Exposure Management
The company will use the investment to scale operations and deepen intelligence and automation.
The post Nucleus Raises $20 Million for Exposure Management appeared first on SecurityWeek.
Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’
Impacting the ‘dyld’ system component, the memory corruption issue can be exploited for arbitrary code execution.
The post Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ appeared first on SecurityWeek.
Nevada Unveils New Statewide Data Classification Policy Months After Cyberattack
Officials said data will now be classified as one of four categories: “public,” “sensitive,” “confidential” or “restricted.”
The post Nevada Unveils New Statewide Data Classification Policy Months After Cyberattack appeared first on SecurityWeek.
Webinar Today: Identity Under Attack – Strengthen Your Identity Defenses
Gain practical insights on balancing security, user experience, and operational efficiency while staying ahead of increasingly sophisticated threats.
The post Webinar Today: Identity Under Attack – Strengthen Your Identity Defenses appeared first on SecurityWeek.
GitGuardian Raises $50 Million for Secrets and Non-Human Identity Security
The secrets security company has raised more than $100 million since its creation in 2017.
The post GitGuardian Raises $50 Million for Secrets and Non-Human Identity Security appeared first on SecurityWeek.