GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024.
The post Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group appeared first on SecurityWeek.
API Threats Grow in Scale as AI Expands the Blast Radius
New research shows attackers increasingly abusing APIs at machine speed as AI-driven systems widen exposure and amplify impact.
The post API Threats Grow in Scale as AI Expands the Blast Radius appeared first on SecurityWeek.
Password Managers Vulnerable to Vault Compromise Under Malicious Server
Researchers at ETH Zurich have tested the security of Bitwarden, LastPass, Dashlane, and 1Password password managers.
The post Password Managers Vulnerable to Vault Compromise Under Malicious Server appeared first on SecurityWeek.
CISA Navigates DHS Shutdown With Reduced Staff
CISA is currently operating at roughly 38% capacity (888 out of 2,341 staff) due to the DHS shutdown that began February 14, 2026.
The post CISA Navigates DHS Shutdown With Reduced Staff appeared first on SecurityWeek.
Google Patches First Actively Exploited Chrome Zero-Day of 2026
A Chrome 145 update fixes CVE-2026-2441, a vulnerability that can likely be exploited for arbitrary code execution.
The post Google Patches First Actively Exploited Chrome Zero-Day of 2026 appeared first on SecurityWeek.
China Revives Tianfu Cup Hacking Contest Under Increased Secrecy
Rewards for exploits are reportedly much smaller than in the contest’s glory days.
The post China Revives Tianfu Cup Hacking Contest Under Increased Secrecy appeared first on SecurityWeek.
Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns
Threat actors from Russia, China, North Korea and Iran have been observed launching attacks.
The post Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns appeared first on SecurityWeek.
Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’
Impacting the ‘dyld’ system component, the memory corruption issue can be exploited for arbitrary code execution.
The post Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ appeared first on SecurityWeek.
Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed
The Conduent data breach affects at least 25 million individuals, up from 10 million estimated a few months ago.
The post Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed appeared first on SecurityWeek.
EU Unconditionally Approves Google’s $32B Acquisition of Wiz
The European Commission’s ruling is based on extensive feedback from customers and rival cloud security and infrastructure vendors.
The post EU Unconditionally Approves Google’s $32B Acquisition of Wiz appeared first on SecurityWeek.
