SecurityWeek
137 articles in the Truth Foundry index. Each links out to the original.
- Coca-Cola Halts US Fairlife Production Following Ransomware Breach · Coca-Cola suspended US Fairlife production after hackers accessed production systems.
- Two Scattered Spider Hackers Sentenced to Five Years in UK · UK courts sentence Thalha Jubair and Owen Flowers to five years and six months for the 2024 TfL cyberattack.
- AI Data Centers Built Faster Than Security Can Keep Up · Rapid AI data center construction creates unique security risks due to architectural differences from traditional facilities.
- China Bans Top Cybersecurity Firms from Military Procurement · China's PLA suspended or blacklisted over a dozen leading cybersecurity vendors since 2024 for bidding misconduct.
- Nightmare Eclipse Releases LegacyHive Windows Zero-Day Exploit · Security researcher Nightmare Eclipse released a new Windows zero-day exploit targeting the User Profile Service on Patch Tuesday.
- CISA Urges Immediate Patching of Exploited SharePoint Zero-Day Vulnerabilities · CISA warns federal agencies to patch exploited SharePoint flaws CVE-2026-56164 and others within three days.
- Cloud & Data Security Summit Addresses AI Risks and Identity Gaps · SecurityWeek hosts a virtual summit today to tackle cloud security challenges and AI application risks.
- US Indicts Three Russians and Two Firms for Operating Cybercrime Infrastructure · The US Justice Department unsealed an indictment charging three Russians and two companies with running cybercrime services.
- Fortinet, Ivanti, and ServiceNow Patch Critical and High-Severity Vulnerabilities · Fortinet, Ivanti, and ServiceNow released patches for 15 vulnerabilities including a critical RCE in ServiceNow's AI platform.
- White House Launches Gold Eagle AI Vulnerability Coordination Initiative · The White House launched Gold Eagle to coordinate AI-driven vulnerability patching for critical infrastructure.
- Progress Confirms Zero-Day Vulnerability Behind ShareFile Disruption · Progress Software confirms a zero-day path traversal bug caused ShareFile Storage Zones Controller disruption and access restoration.
- Siemens, Schneider, and Rockwell Release Critical ICS Patches on July 2026 Patch Tuesday · Siemens, Schneider Electric, and Rockwell Automation issued advisories fixing critical vulnerabilities in their industrial control systems.
- Google and Mozilla Release Critical Security Patches for Chrome and Firefox · Google and Mozilla patch critical vulnerabilities in Chrome 150 and Firefox 152.
- SonicWall Urges Immediate Patch for Two Zero-Day Exploits Targeting SMA1000 · SonicWall warns of active zero-day exploitation of CVE-2026-15409 and CVE-2026-15410 in SMA1000 appliances.
- Microsoft Patches Record 622 Flaws, Including Two Exploited Zero-Days · Microsoft releases patches for 622 vulnerabilities, including two exploited zero-days in Active Directory and SharePoint.
- Synopsys Denies Data Breach After Ransomware Group Claims Hack of Bosch Systems · Synopsys states it found no evidence of a breach following D1R ransomware group claims of hacking its systems and customer Bosch.
- Broadcom Patches Seven Severe Vulnerabilities in VMware Avi Load Balancer · Broadcom released updates for VMware Avi Load Balancer to fix seven critical and high-severity security flaws.
- Unpatched Flaws in Claude for Chrome Allow Extensions to Read Gmail and Calendar · Security firm Manifold reports two unpatched vulnerabilities in Anthropic's Claude for Chrome extension.
- Supply Chain Attack Compromises Jscrambler NPM Packages with Malware · Threat actors exploited compromised credentials to distribute malicious Jscrambler NPM packages containing information-stealing binaries.
- Critical Joomla Extension Vulnerabilities Exploited in the Wild · Threat actors exploit zero-day RCE flaws in Balbooa Forms and iCagenda Joomla extensions.
- New 'HalluSquatting' Attack Turns AI Hallucinations Into Botnet Delivery Mechanism · Researchers reveal 'HalluSquatting' exploits AI hallucinations to create scalable agentic botnets.
- Threat Actor Deploys 200+ GitHub Repositories for Windows Malware Distribution · Operation Muck and Load uses 222 lure repositories to distribute Windows malware via Go modules and PowerShell scripts.
- QIZ Security Raises $17M Seed Round to Tackle Post-Quantum Cryptography Risks · Israeli startup QIZ Security secures $17M seed funding to enhance its cryptographic governance platform.
- Palo Alto Networks Patches 13 Vulnerabilities Including Critical PAN-OS Flaws · Palo Alto Networks releases patches for 13 vulnerabilities, including a critical PAN-OS remote code execution flaw.
- 12 Million Impacted by Data Breach at Japanese Telco KDDI · KDDI confirms over 12 million people affected by June data breach exploiting zero-day vulnerability
- Microsoft Patches Defender 'RoguePlanet' Privilege Escalation Flaw · Microsoft deploys automatic patches for CVE-2026-50656, a Defender race condition allowing System-level privilege escalation.
- Mount Royal University Confirms Ransomware Attack Stole Student and Employee Data · Mount Royal University confirms a ransomware attack deleted systems and stole over 10TB of student and employee data.
- Chrome 150 Update Patches 27 Vulnerabilities Including Two Critical Flaws · Google releases Chrome 150 update fixing 27 security flaws, including two critical use-after-free bugs.
- Spanish Startup 8Layers Secures $2.9 Million for Identity Security Platform · Madrid-based 8Layers raises $2.9M total to combat digital identity threats with AI-driven security.
- Ohio County Pays $1 Million Bitcoin Ransom to Kairos Extortion Group · Union County, Ohio paid $1 million in Bitcoin to Kairos after a 2025 data breach.