CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek.
SIM Swaps Expose a Critical Flaw in Identity Security
SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts.
The post SIM Swaps Expose a Critical Flaw in Identity Security appeared first on SecurityWeek.
Cylake Raises $45 Million to Secure Organizations Barred From Cloud
The company, founded by Palo Alto Networks’ Nir Zuk, has developed a platform that focuses on data sovereignty.
The post Cylake Raises $45 Million to Secure Organizations Barred From Cloud appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 42 Deals Announced in February 2026
Significant cybersecurity M&A deals announced by Check Point, Booz Allen, Proofpoint, Sophos, Palo Alto Networks, and Zscaler.
The post Cybersecurity M&A Roundup: 42 Deals Announced in February 2026 appeared first on SecurityWeek.
ClickFix Attack Uses Windows Terminal to Evade Detection
Fake CAPTCHA pages instruct victims to paste malicious commands in the Windows Terminal instead of the Run dialog.
The post ClickFix Attack Uses Windows Terminal to Evade Detection appeared first on SecurityWeek.
Internet Infrastructure TLD .arpa Abused in Phishing Attacks
Abusing DNS record management controls, the threat actor hides the location of malicious content via Cloudflare.
The post Internet Infrastructure TLD .arpa Abused in Phishing Attacks appeared first on SecurityWeek.
Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign
Threat actors replace legitimate commands on the cloned installation webpages with malicious commands.
The post Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign appeared first on SecurityWeek.
Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited
WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses.
The post Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited appeared first on SecurityWeek.
US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies
Trump’s Cyber Strategy calls for stronger deterrence against cyber adversaries, modernization of federal networks, protection of critical infrastructure, and investment in technologies such as AI and post-quantum cryptography.
The post US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies appeared first on SecurityWeek.
Over 100 GitHub Repositories Distributing BoryptGrab Stealer
The malware targets browser and cryptocurrency wallet data, along with system information and user files.
The post Over 100 GitHub Repositories Distributing BoryptGrab Stealer appeared first on SecurityWeek.
