News

Oracle on Thursday released an out-of-band advisory addressing a PeopleSoft vulnerability that can be exploited by an unauthenticated attacker for remote code execution. The security alert comes amid reports that the notorious ShinyHunters hacker group has been targeting organizations that use PeopleSoft. PeopleSoft is an integrated enterprise resource planning (ERP) software suite widely used by large organizations for managing core business functions, including HR, payroll, finance, supply chain, and campus operations. The newly disclosed vulnerability…

Read More

Microsoft’s June 2026 Patch Tuesday updates fix roughly 200 vulnerabilities discovered in the company’s products.  None of the flaws addressed this month appears to have been exploited in the wild, but three issues were publicly disclosed before Microsoft patched them. One of them is CVE-2026-49160, described as a denial-of-service (DoS) issue affecting Windows. This vulnerability is related to HTTP2/Bomb, an attack technique that could affect hundreds of thousands of websites, and which can be used…

Read More

A Security emerged from stealth mode on Monday after raising $37 million in funding for its autonomous offensive security and remediation platform. The company was founded by Yossi Torati, Omer Gull, and Yuval Itzchakov. Torati, who serves as CEO, previously worked as director of enterprise security at Sygnia. Gull (CPO) and Itzchakov (CTO) held leadership roles at Hunters prior to founding A Security. A Security received funding from Lightspeed Venture Partners, Cyberstarts, Wiz CEO Assaf…

Read More

Emphere, a Seattle cybersecurity startup building an AI-driven vulnerability remediation platform, this week announced raising $2.1 million in pre-seed funding from AI2 Incubator and Outsiders Fund. The startup’s approach to vulnerability remediation falls in line with modern software development trends, where code is no longer built from scratch but assembled from open source packages, runtimes, dependencies, and OS layers. Any vulnerability in these components, Emphere says, is the shipping company’s or the vendor’s problem, even…

Read More

Identity governance startup Opal Security has announced raising $23 million in a new funding round that brings the total investment in the company to $59 million. The fresh round of funding was led by Greylock and Battery Ventures, with additional support from Cambium Capital. Founded in 2020, San Francisco-based Opal has built an AI-native platform that provides organizations with real-time visibility, policy-as-code, and direct control over all identities, including employees, service accounts, and AI agents.…

Read More

Including npm packages in software development projects saves time but can introduce unseen but known vulnerabilities. CVE Lite CLI is a lightweight command line security scanner that operates on lockfiles during software development. It focuses on JavaScript and Typescript files and is an OSV-powered dependency scanner supporting npm, pnpm and Yarn. It is an open source tool developed by Sonu Kapoor, now community supported and recently adopted as an OWASP Incubator Project. Kapoor has been…

Read More

Criminals no longer knock at the door; they abuse the keys that companies can no longer control. Offroad seeks to provide that control. New York- and Tel Aviv-based Offroad emerged from stealth with seed funding of $7 million, led by Ibex Investors and Skywell Capital. Offroad helps organizations move from identity visibility to identity resolution – it claims to investigate, govern, remediate, and verify identity risks. The firm uses agentic AI to find and investigate…

Read More

Coralogix announced on Wednesday that it has raised $200 million in Series F funding for its AI-native observability platform. The company has raised a total of $550 million and told SecurityWeek that the latest funding round (co-led by Advent, CPPIB, and Greenfield) has brought its valuation to $1.6 billion. The new funding will be used for product development, expanding the company’s telemetry data lake architecture, and global growth.  Coralogix offers a full-stack observability platform that…

Read More

President Donald Trump signed an executive order on oversight of artificial intelligence Tuesday, less than two weeks after postponing a White House ceremony over his concerns that a similar policy could dull America’s technological edge. The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release. Participation by AI developers would be voluntary, the order says.…

Read More