Continuous Monitoring and Protection
“Fix the roof while the sun is shining.” – proverb Cybersecurity has a familiar way of saying the storm will come: “a breach is a matter of when, not if.” While the industry’s sternest maxim has probably never been more true, it sometimes feels as though it’s also lost some of its edge over the years. Everyone agrees that there could be a ‘cloud on the horizon,’ but is it enough to get them to …
Read MoreSecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: IBM and AT&T accused of hack cover-ups A former IBM cybersecurity…
Read MoreOracle on Thursday released an out-of-band advisory addressing a PeopleSoft vulnerability that can be exploited by an unauthenticated attacker for remote code execution. The security alert comes amid reports that the notorious ShinyHunters hacker group has been targeting organizations that use PeopleSoft. PeopleSoft is an integrated enterprise resource planning (ERP) software suite widely used by large organizations for managing core business functions, including HR, payroll, finance, supply chain, and campus operations. The newly disclosed vulnerability…
Read MoreA cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group. A graphic created and shared by The Gentlemen ransomware group administrator Hastalamuerte on Breachforums in…
Read MoreHackers no longer force open the side-window when infostealers can give them a key to the front door. Infostealers have become the primary source of stolen credentials for attackers. Using these credentials is now a favored route for bad actors to access a target effectively as an invited guest. It is quicker, easier, less visible and more effective than forcing an entry. More than 11.1 million devices were infected with infostealers in 2025, reports Flashpoint.…
Read MoreThere’s one cognitive bias that we humans are prone to, and it lies at the centre of some of the challenges that cybersecurity professionals face every day. It’s known as the normalcy bias – what Dr. Lauren Braithwaite defines as “our tendency to underestimate the possibility of disaster and believe that life will continue as normal, even in the face of significant threats or crises.” It’s why people hesitate after fire alarms go off or…
Read MoreMicrosoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available. The software giant said in a blog post last month that both its engineers and the security community…
Read MoreMicrosoft’s June 2026 Patch Tuesday updates fix roughly 200 vulnerabilities discovered in the company’s products. None of the flaws addressed this month appears to have been exploited in the wild, but three issues were publicly disclosed before Microsoft patched them. One of them is CVE-2026-49160, described as a denial-of-service (DoS) issue affecting Windows. This vulnerability is related to HTTP2/Bomb, an attack technique that could affect hundreds of thousands of websites, and which can be used…
Read MoreA Security emerged from stealth mode on Monday after raising $37 million in funding for its autonomous offensive security and remediation platform. The company was founded by Yossi Torati, Omer Gull, and Yuval Itzchakov. Torati, who serves as CEO, previously worked as director of enterprise security at Sygnia. Gull (CPO) and Itzchakov (CTO) held leadership roles at Hunters prior to founding A Security. A Security received funding from Lightspeed Venture Partners, Cyberstarts, Wiz CEO Assaf…
Read MoreEmphere, a Seattle cybersecurity startup building an AI-driven vulnerability remediation platform, this week announced raising $2.1 million in pre-seed funding from AI2 Incubator and Outsiders Fund. The startup’s approach to vulnerability remediation falls in line with modern software development trends, where code is no longer built from scratch but assembled from open source packages, runtimes, dependencies, and OS layers. Any vulnerability in these components, Emphere says, is the shipping company’s or the vendor’s problem, even…
Read More