Apple has announced major mobile and desktop platform releases and addressed an exploited bug in older platforms. The post Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities appeared first on SecurityWeek.
The bootstrapped company will invest in an AI-powered unified enterprise platform combining configuration, compliance, patching, and vulnerability management. The post Endpoint Security Firm Remedio Raises $65 Million in First Funding Round appeared first on SecurityWeek.
A team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 (DDR5) memory chips from South Korean semiconductor vendor SK Hynix. The RowHammer attack variant, codenamed Phoenix (CVE-2025-6202, CVSS score: 7.1), is capable of bypassing sophisticated protection mechanismsRead More »Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds
U.S. Senator Ron Wyden (D-OR) has called for an investigation of Microsoft, claiming the company’s insecure software has enabled cyber threats.
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers. “The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishesRead More »40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials
The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk. “The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor,” IBM X-Force researchers Golo Mühr and JoshuaRead More »Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
A former FinWise employee gained access to American First Finance customer information. The post 689,000 Affected by Insider Breach at FinWise Bank appeared first on SecurityWeek.
Fifteen years after its debut, Zero Trust remains the gold standard in cybersecurity theory — but its uneven implementation leaves organizations both stronger and dangerously exposed. The post Zero Trust Is 15 Years Old — Why Full Adoption Is Worth the Struggle appeared first on SecurityWeek.
Silent Push, which provides Indicators of Future Attack, has raised a total of $32 million in funding. The post Silent Push Raises $10 Million for Threat Intelligence Platform appeared first on SecurityWeek.
The Israeli cybersecurity startup plans to expand its offensive security offering to cover more enterprise attack surface. The post Terra Security Raises $30 Million for AI Penetration Testing Platform appeared first on SecurityWeek.
