Akamai strengthens its security offering through the acquisition of LayerX, following the industry trend toward secure enterprise web browsers that an increasing number of technology providers are advancing.
Unidentified attackers apparently extracted data via a poorly secured API and then deleted it, affecting thousands of photographers and their customers.
The Verizon DBIR 2026 confirms that healthcare organizations face a dual threat from sophisticated social engineering methods and supply chain vulnerabilities.
The Megalodon campaign infiltrated over 5,700 GitHub repositories with malicious CI/CD workflows and stole sensitive credentials, using fake identities and hidden Base64 payloads to harvest cloud credentials, SSH keys, and API keys at scale.
Security vulnerabilities in Windows drivers can be exploited without the original hardware, facilitating BYOVD attacks to disable security systems, with new analysis demonstrating how hardware-gating can be bypassed and presenting a significant security risk.
Developers have closed security vulnerabilities in Apache Airflow CNCF Kubernetes Provider and Apache Airflow Amazon Provider, which allow attackers to access and manipulate the database following successful attacks.
The Chinese APT group Webworm infiltrated EU government authorities using Discord and Microsoft services as communication channels and SOCKS proxies for anonymizing their attacks.
Unsubstantiated claims have circulated in the US for months alleging that WhatsApp can access completely encrypted content, and Texas has now filed a lawsuit.