SentinelOne is buying Observo AI for a combination of cash and stock to boost its SIEM and data offerings.
The post SentinelOne to Acquire Observo AI in $225 Million Deal appeared first on SecurityWeek.
Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report
China’s APT41 sent out malicious emails on behalf of Rep. John Moolenaar to collect information ahead of US-China trade talks.
The post Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report appeared first on SecurityWeek.
PromptLock Only PoC, but AI-Powered Ransomware Is Real
PromptLock is only a prototype of LLM-orchestrated ransomware, but hackers already use AI in file encryption and extortion attacks.
The post PromptLock Only PoC, but AI-Powered Ransomware Is Real appeared first on SecurityWeek.
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets
A supply chain attack called GhostAction has enabled threat actors to steal secrets and exploit them.
The post GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets appeared first on SecurityWeek.
Salesloft GitHub Account Compromised Months Before Salesforce Attack
The list of impacted cybersecurity firms has been expanded to include BeyondTrust, Bugcrowd, CyberArk, Cato Networks, JFrog, and Rubrik.
The post Salesloft GitHub Account Compromised Months Before Salesforce Attack appeared first on SecurityWeek.
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack
The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack.
The post Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack appeared first on SecurityWeek.
Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach
Canadian firm Wealthsimple says a data breach impacts the information of some customers, but accounts and funds remain secure.
The post Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 27 Deals Announced in August 2025
Significant cybersecurity M&A deals announced by Accenture, CrowdStrike, F5, Okta, and SentinelOne.
The post Cybersecurity M&A Roundup: 27 Deals Announced in August 2025 appeared first on SecurityWeek.
How to Close the AI Governance Gap in Software Development
Widespread adoption of AI coding tools accelerates development—but also introduces critical vulnerabilities that demand stronger governance and oversight.
The post How to Close the AI Governance Gap in Software Development appeared first on SecurityWeek.
Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool
Called A2, the framework mimics human analysis to identify vulnerabilities in Android applications and then validates them.
The post Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool appeared first on SecurityWeek.
