The FBI has published an alert describing the malware used by Iranian government hackers.
The post Stryker Says Malicious File Found During Probe Into Iran-Linked Attack appeared first on SecurityWeek.
RSAC 2026 Conference Announcements Summary (Pre-Event)
A summary of the announcements made by vendors in the days leading up to the RSAC 2026 Conference.
The post RSAC 2026 Conference Announcements Summary (Pre-Event) appeared first on SecurityWeek.
M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds
The latest M-Trends report is based on insights from over 500,000 hours of Mandiant incident response investigations in 2025.
The post M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds appeared first on SecurityWeek.
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware
The semiconductor company says hackers deployed file-encrypting ransomware on the network of a subsidiary in Singapore.
The post Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware appeared first on SecurityWeek.
Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
Hackers published a malicious scanner release and replaced tags to point to information-stealer malware.
The post Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack appeared first on SecurityWeek.
QNAP Patches Four Vulnerabilities Exploited at Pwn2Own
The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior.
The post QNAP Patches Four Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek.
Tycoon 2FA Fully Operational Despite Law Enforcement Takedown
Attack volumes are back to pre-disruption levels, and the adversary tactics have remained unchanged.
The post Tycoon 2FA Fully Operational Despite Law Enforcement Takedown appeared first on SecurityWeek.
Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability
CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild.
The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek.
Critical Quest KACE Vulnerability Potentially Exploited in Attacks
The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector.
The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek.
In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting
Other noteworthy stories that might have slipped under the radar: vulnerabilities found in KVM devices, Claudy Day Claude vulnerabilities, The Gentlemen ransomware group.
The post In Other News: New Android Safeguards, Operation Alice, UK Toughens Cyber Reporting appeared first on SecurityWeek.
