The AI-powered automated penetration testing firm will invest the new funds in R&D, team expansion, and global scale. The post FireCompass Raises $20 Million for Offensive Security Platform appeared first on SecurityWeek.
Noteworthy stories that might have slipped under the radar: Google fined €325 million, City of Baltimore sent $1.5 million to scammer, Bridgestone targeted in cyberattack. The post In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked appeared first on SecurityWeek.
CISA has announced the addition of two vulnerabilities to its Known Exploited Vulnerabilities catalog.
Interesting experiment: To design their experiment, the University of Pennsylvania researchers tested 2024’s GPT-4o-mini model on two requests that it should ideally refuse: calling the user a jerk and giving directions for how to synthesize lidocaine. The researchers created experimental prompts for both requests using each of seven different persuasionRead More »GPT-4o-mini Falls for Psychological Manipulation
A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation in the wild. The command injection vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), was fixed by SAP as part of its monthly updates last month. “SAP S/4HANA allows an attacker with userRead More »SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild
The hackers were seen actively monitoring cyber threat intelligence to discover and rebuild exposed infrastructure. The post North Korean Hackers Targeted Hundreds in Fake Job Interview Attacks appeared first on SecurityWeek.
IT threat evolution in Q2 2025. Mobile statistics IT threat evolution in Q2 2025. Non-mobile statistics The mobile section of our quarterly cyberthreat report includes statistics on malware, adware, and potentially unwanted software for Android, as well as descriptions of the most notable threats for Android and iOS discovered duringRead More »IT threat evolution in Q2 2025. Mobile statistics
IT threat evolution in Q2 2025. Non-mobile statistics IT threat evolution in Q2 2025. Mobile statistics The statistics in this report are based on detection verdicts returned by Kaspersky products unless otherwise stated. The information was provided by Kaspersky users who consented to sharing statistical data. The quarter in numbersRead More »IT threat evolution in Q2 2025. Non-mobile statistics
Proofpoint, SpyCloud, Tanium, and Tenable confirmed that hackers accessed information stored in their Salesforce instances. The post More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach appeared first on SecurityWeek.
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace. Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdatedRead More »Automation Is Redefining Pentest Delivery
