Information

Criminals no longer knock at the door; they abuse the keys that companies can no longer control. Offroad seeks to provide that control. New York- and Tel Aviv-based Offroad emerged from stealth with seed funding of $7 million, led by Ibex Investors and Skywell Capital. Offroad helps organizations move from identity visibility to identity resolution – it claims to investigate, govern, remediate, and verify identity risks. The firm uses agentic AI to find and investigate…

Read More

Coralogix announced on Wednesday that it has raised $200 million in Series F funding for its AI-native observability platform. The company has raised a total of $550 million and told SecurityWeek that the latest funding round (co-led by Advent, CPPIB, and Greenfield) has brought its valuation to $1.6 billion. The new funding will be used for product development, expanding the company’s telemetry data lake architecture, and global growth.  Coralogix offers a full-stack observability platform that…

Read More

President Donald Trump signed an executive order on oversight of artificial intelligence Tuesday, less than two weeks after postponing a White House ceremony over his concerns that a similar policy could dull America’s technological edge. The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release. Participation by AI developers would be voluntary, the order says.…

Read More

Threat actors are exploiting a critical-severity vulnerability in the WP Maps Pro WordPress plugin to take over websites, Defiant warns. WP Maps Pro allows site administrators to embed Google Maps in their installations, customizable with advanced location, markers, and categories. The exploited vulnerability, tracked as CVE-2026-8732 (CVSS score of 9.8), allows unauthenticated threat actors to create new administrative accounts and take over vulnerable sites. WP Maps Pro has been designed to support tooling, which exposes…

Read More

Russia’s intelligence agencies have grown more aggressive in their efforts to steal Western technology and defense secrets as sanctions squeeze the country’s wartime economy, three senior European intelligence officials told The Associated Press. Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who are gathering information that could also be used to attack key infrastructure, they said. Four years of international sanctions have hampered Moscow’s ability to procure machinery, technology…

Read More

Obsidian Security has released technical information and proof-of-concept (PoC) code targeting a remote code execution (RCE) vulnerability in Flowise. The issue, tracked as CVE-2026-40933 (CVSS score of 9.9), was disclosed in April along with several other security defects impacting AI ecosystems that rely on Anthropic’s MCP protocol. Flowise, a popular open source platform that provides developers with a drag-and-drop interface for building LLM flows and AI agents, and which has over 52,000 GitHub stars, was…

Read More

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Trump Mobile data breach Phone provider Trump Mobile has confirmed that…

Read More