SecurityWeek

Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector

Verizon’s 2026 DBIR shows vulnerability exploitation was the top breach vector in 2025 as AI accelerated attacks, ransomware ...
SecurityWeek

Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation

Drupal is warning users that it’s preparing a patch for a ‘highly critical’ vulnerability that may be exploited shortly after ...
SecurityWeek

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
SecurityWeek

PoC Released for DirtyDecrypt Linux Kernel Vulnerability

PoC code has been released for DirtyDecrypt, a recently patched Linux kernel vulnerability allowing privilege escalation to ...
SecurityWeek

Cyber Resilience is the New Business Continuity Plan

The organizations best prepared to face disruption are those that align security, continuity and risk management around what ...
SecurityWeek

Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’

Microsoft has disrupted the Fox Tempest cybercrime service that has been helping threat actors distribute ransomware and ...
SecurityWeek

B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards

The B1ack’s Stash dark web carding marketplace has released 4.6 million stolen credit card records as a free download.
SecurityWeek

201 Arrested in Crackdown on Cybercrime in Middle East, North Africa

A total of 201 individuals were arrested, and 382 additional suspects were identified in a law enforcement crackdown on ...