The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests.
The post MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek.
WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities
The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year.
The post WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities appeared first on SecurityWeek.
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
The acquisition strengthens Cisco’s push into identity-centric security for AI and machine access.
The post Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks appeared first on SecurityWeek.
Trellix Source Code Repository Breached
The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process.
The post Trellix Source Code Repository Breached appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
Significant cybersecurity M&A deals announced by Airbus, Cyera, Fortra, Palo Alto Networks, Silverfort, and Socket.
The post Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 appeared first on SecurityWeek.
DigiCert Revokes Certificates After Support Portal Hack
Hackers delivered malware via a customer chat channel, infected an analyst’s system, and accessed the internal support portal.
The post DigiCert Revokes Certificates After Support Portal Hack appeared first on SecurityWeek.
Exploitation of ‘Copy Fail’ Linux Vulnerability Begins
CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing.
The post Exploitation of ‘Copy Fail’ Linux Vulnerability Begins appeared first on SecurityWeek.
OpenAI Rolls Out Advanced Security for ChatGPT Accounts
Advanced Account Security provides stronger login methods, more secure account recovery, shorter sessions, and training exclusion.
The post OpenAI Rolls Out Advanced Security for ChatGPT Accounts appeared first on SecurityWeek.
Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access.
The post Over 40,000 Servers Compromised in Ongoing cPanel Exploitation appeared first on SecurityWeek.
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Hackers disrupted services and stole names, email addresses, student ID numbers, and user messages.
The post Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats appeared first on SecurityWeek.
