Security Week
BeyondTrust Patches Critical RCE Vulnerability
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication.
The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.
Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms
China-linked UNC3886 targeted all four major telecom providers, but did not disrupt services or access customer information.
The post Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms appeared first on SecurityWeek.
RSAC Releases Quantickle Open Source Threat Intelligence Visualization Tool
Quantickle is a browser-based tool designed for creating visual representations of threat research.
The post RSAC Releases Quantickle Open Source Threat Intelligence Visualization Tool appeared first on SecurityWeek.
Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk
The funding was raised over Series A and seed funding rounds for its supply chain security solution.
The post Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk appeared first on SecurityWeek.
Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter
As only data exfiltration for extortion no longer delivers ROI, ransomware gangs may increasingly encrypting data for additional leverage.
The post Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter appeared first on SecurityWeek.
Outtake Raises $40 Million to Bolster Digital Trust Against AI-Driven Threats
The Series B funding round brings the cybersecurity startup’s total raised to $60 million.
The post Outtake Raises $40 Million to Bolster Digital Trust Against AI-Driven Threats appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 34 Deals Announced in January 2026
Significant cybersecurity M&A deals announced by CrowdStrike, Infoblox, JumpCloud, LevelBlue, OneSpan, and Radware.
The post Cybersecurity M&A Roundup: 34 Deals Announced in January 2026 appeared first on SecurityWeek.
Recent SolarWinds Flaws Potentially Exploited as Zero-Days
Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access.
The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek.
SmarterTools Hit by Ransomware via Vulnerability in Its Own Product
SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing.
The post SmarterTools Hit by Ransomware via Vulnerability in Its Own Product appeared first on SecurityWeek.
New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog
The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it.
The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog appeared first on SecurityWeek.
European Commission Investigating Cyberattack
The signs of a cyberattack were identified on systems EU's main executive body uses for mobile device management.
The post European Commission Investigating Cyberattack appeared first on SecurityWeek.
Organizations Urged to Replace Discontinued Edge Devices
Edge devices that are no longer supported have been targeted in attacks by state-sponsored hackers, the US says.
The post Organizations Urged to Replace Discontinued Edge Devices appeared first on SecurityWeek.