Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser.
The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek.
Raven Emerges From Stealth With $20 Million in Funding
Raven’s platform observes applications at runtime to detect anomalous behavior and prevent cyberattacks.
The post Raven Emerges From Stealth With $20 Million in Funding appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild.
The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek.
Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia.
The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek.
The Collapse of Predictive Security in the Age of Machine-Speed Attacks
With exploitation of vulnerabilities taking just days, preemptive security must be the new model for defenders.
The post The Collapse of Predictive Security in the Age of Machine-Speed Attacks appeared first on SecurityWeek.
Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation
The company has developed an AI-powered platform that autonomously discovers and validates software vulnerabilities.
The post Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation appeared first on SecurityWeek.
Cloud Security Startup Native Exits Stealth With $42 Million in Funding
Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
The post Cloud Security Startup Native Exits Stealth With $42 Million in Funding appeared first on SecurityWeek.
‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors
Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance.
The post ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors appeared first on SecurityWeek.
Virtual Summit Today: Supply Chain & Third-Party Risk Summit
Cyber risk doesn’t stop at your perimeter. Today’s most dangerous threats could be hiding in your software supply chain.
The post Virtual Summit Today: Supply Chain & Third-Party Risk Summit appeared first on SecurityWeek.
EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations
The sanctions target two Chinese individuals, two Chinese companies, and one Iranian firm involved in hacking EU member states.
The post EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations appeared first on SecurityWeek.
