#cybersecurity-etf

[ follow ]
#cybersecurity #data-breach #malware #vulnerabilities #ai #ai-security #security #cryptocurrency #compliance
#fortinet
Information security
fromThe Hacker News
1 hour ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet released patches for a critical vulnerability in FortiClient EMS, allowing unauthenticated attackers to execute unauthorized commands.
Information security
fromSecurityWeek
4 days ago

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.
Information security
fromThe Hacker News
1 hour ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet released patches for a critical vulnerability in FortiClient EMS, allowing unauthenticated attackers to execute unauthorized commands.
Information security
fromSecurityWeek
4 days ago

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.
more#fortinet
Cryptocurrency
fromnews.bitcoin.com
19 hours ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.
European startups
fromSilicon Canals
3 hours ago

Compliance startup Delve removed from Y Combinator portfolio after anonymous whistleblower posts spark investor exodus - Silicon Canals

Delve has been removed from Y Combinator's portfolio due to serious allegations regarding its business practices and compliance misrepresentation.
#cybersecurity
fromTechCrunch
18 hours ago
Information security

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

fromTechCrunch
1 day ago
EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

Information security
fromSilicon Canals
10 hours ago

Mikko Hypponen says the age of viruses is over - now he's building defences against drones - Silicon Canals

Mikko Hyppönen is applying cybersecurity methods to develop anti-drone systems at Sensofusion, focusing on drone communication detection.
EU data protection
fromSecurityWeek
20 hours ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.
Node JS
fromInfoQ
6 days ago

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

Organizations are not prepared for the next cybersecurity crisis, similar to Log4Shell.
Information security
fromTechCrunch
18 hours ago

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Mikko Hyppönen emphasizes the invisible nature of cybersecurity work, comparing it to Tetris where successes vanish and failures accumulate.
EU data protection
fromTechCrunch
1 day ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
Information security
fromSilicon Canals
10 hours ago

Mikko Hypponen says the age of viruses is over - now he's building defences against drones - Silicon Canals

Mikko Hyppönen is applying cybersecurity methods to develop anti-drone systems at Sensofusion, focusing on drone communication detection.
more#cybersecurity
#openclaw
DevOps
fromInfoWorld
1 day ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
1 day ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
DevOps
fromInfoWorld
1 day ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
1 day ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
more#openclaw
#data-breach
Privacy professionals
fromSilicon Canals
1 day ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Privacy professionals
fromSilicon Canals
2 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
Information security
fromSecuritymagazine
2 days ago

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.
Information security
fromTheregister
2 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Privacy professionals
fromSilicon Canals
1 day ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Privacy professionals
fromSilicon Canals
2 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
Information security
fromSecuritymagazine
2 days ago

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.
Information security
fromTheregister
2 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
more#data-breach
fromElectronic Frontier Foundation
1 day ago

Triple Header for Privacy's Defender in New York

"Privacy's Defender is a compelling account of a life well lived and an inspiring call to action for the next generation of civil liberties champions." ~Edward Snowden, whistleblower; author of Permanent Record
Privacy technologies
Apple
fromSecurityWeek
2 days ago

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.
Venture
fromSecurityWeek
3 days ago

Depthfirst Raises $80 Million in Series B Funding

Depthfirst raised $80 million in Series B funding, totaling $120 million, to enhance software security with its new AI model Dfs-mini1.
#crowdstrike
Business
from24/7 Wall St.
5 days ago

CrowdStrike Gains 4% as Morgan Stanley Names It a Top AI Security Bet

CrowdStrike stock rebounds 4% after analyst upgrades, suggesting market reassessment of previous selloff fears regarding AI's impact on cybersecurity.
Business
from24/7 Wall St.
1 week ago

CrowdStrike Slides 7% Today as Earnings Disappoint and AI Rivals Intensify Pressure

CrowdStrike's stock is down 7% after disappointing earnings guidance, raising concerns about its growth trajectory amid increasing competition.
Business
from24/7 Wall St.
3 days ago

Wall Street Says Buy CrowdStrike And Watch It Gain $100 This Year

CrowdStrike Holdings is rated Buy with a $500 target, aiming for $10 billion in annual recurring revenue in a $150 billion market.
Business
from24/7 Wall St.
5 days ago

CrowdStrike Gains 4% as Morgan Stanley Names It a Top AI Security Bet

CrowdStrike stock rebounds 4% after analyst upgrades, suggesting market reassessment of previous selloff fears regarding AI's impact on cybersecurity.
Business
from24/7 Wall St.
1 week ago

CrowdStrike Slides 7% Today as Earnings Disappoint and AI Rivals Intensify Pressure

CrowdStrike's stock is down 7% after disappointing earnings guidance, raising concerns about its growth trajectory amid increasing competition.
more#crowdstrike
Artificial intelligence
fromTechRepublic
1 day ago

AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech - TechRepublic

Tech industry faces rapid AI advancements alongside significant security vulnerabilities and human costs.
Cryptocurrency
fromnews.bitcoin.com
13 hours ago

USDC Freeze Controversy: ZachXBT Says Circle Froze 16 Legitimate Wallets, Missed Real Hacks

ZachXBT identified 15 cases of over $420M in illicit USDC flows that Circle failed to freeze promptly since 2022.
#ai
Privacy technologies
fromComputerWeekly.com
2 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
fromHarvard Business Review
5 days ago
Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.
Privacy technologies
fromComputerWeekly.com
2 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
more#ai
DevOps
fromComputerWeekly.com
2 days ago

How 'Wikipedia of cyber' helps SAP make sense of threat data | Computer Weekly

SAP faces significant challenges in securing enterprise data amidst a complex threat landscape and evolving compliance requirements.
Podcast
fromSecuritymagazine
1 week ago

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.
#solana
Cryptocurrency
fromnews.bitcoin.com
1 day ago

Drift Protocol Hack 2026: What Happened, Who Lost Money, and What's Next

A Solana-based perpetual futures exchange lost $286 million in 12 minutes due to a sophisticated attack involving fake collateral and social engineering.
Information security
fromThe Hacker News
1 day ago

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.
Cryptocurrency
fromnews.bitcoin.com
1 day ago

Drift Protocol Hack 2026: What Happened, Who Lost Money, and What's Next

A Solana-based perpetual futures exchange lost $286 million in 12 minutes due to a sophisticated attack involving fake collateral and social engineering.
Information security
fromThe Hacker News
1 day ago

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.
more#solana
#ai-governance
more#ai-governance
#ai-security
Software development
fromThe Hacker News
2 weeks ago

How Ceros Gives Security Teams Visibility and Control in Claude Code

AI coding agents like Claude Code operate outside existing enterprise security controls, requiring new machine-level security infrastructure to provide visibility, policy enforcement, and audit trails.
Information security
fromInfoWorld
2 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
Information security
fromTechzine Global
1 week ago

CrowdStrike Falcon Update Makes the Endpoint the Hub for AI Security

CrowdStrike enhances the Falcon platform with new AI security features, making endpoints central to detecting and managing AI applications.
Software development
fromThe Hacker News
2 weeks ago

How Ceros Gives Security Teams Visibility and Control in Claude Code

AI coding agents like Claude Code operate outside existing enterprise security controls, requiring new machine-level security infrastructure to provide visibility, policy enforcement, and audit trails.
Information security
fromInfoWorld
2 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
Information security
fromTechzine Global
1 week ago

CrowdStrike Falcon Update Makes the Endpoint the Hub for AI Security

CrowdStrike enhances the Falcon platform with new AI security features, making endpoints central to detecting and managing AI applications.
more#ai-security
DevOps
fromTechzine Global
3 days ago

IGEL brings 'Smarter, Zero Trust' approach Contextual Access to endpoints

IGEL's Contextual Access enhances endpoint security by adapting access rights based on user, device, location, and trust status.
Information security
fromSecurityWeek
1 day ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
DevOps
fromInfoQ
1 week ago

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.
fromComputerworld
1 day ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Information security
Information security
fromInfoQ
2 days ago

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A malicious release of the Trivy vulnerability scanner exposed critical weaknesses in software supply chain security, allowing for potential credential theft.
Information security
fromnews.bitcoin.com
1 day ago

SEC Warns Fake Officials Exploit Trust With Fraud Tactics Targeting Investors

Impersonation scams using SEC branding are increasing, exploiting investor trust through social media and text messages.
Information security
fromInfoWorld
1 day ago

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.
Information security
fromWIRED
1 day ago

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.
Information security
fromSecurityWeek
1 day ago

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical vulnerabilities in ShareFile could allow unauthenticated remote code execution through improper access to configuration pages.
fromSecuritymagazine
2 months ago

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.
Science
#malware
Information security
fromThe Hacker News
2 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.
Information security
fromThe Hacker News
2 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.
more#malware
Information security
fromTechzine Global
1 day ago

Axios supply chain attack victim posts postmortem to prevent a repeat

Axios was compromised for three hours, distributing Remote Access Trojans due to a sophisticated social engineering attack by North Korean group UNC1069.
Information security
fromSecurityWeek
1 day ago

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.
#cisco
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.
Information security
fromThe Hacker News
2 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.
Information security
fromThe Hacker News
2 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.
more#cisco
Information security
fromSecurityWeek
4 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.
#supply-chain-attack
more#supply-chain-attack
Information security
fromFortune
2 days ago

Mercor, a $10 billion AI startup, confirms it was caught up in a major security incident | Fortune

Mercor confirmed a security breach linked to a supply chain attack that may have exposed sensitive data of its customers.
Information security
fromSecuritymagazine
4 days ago

The Rising Tide of Executive Protection: Corporations Ramp Up Security in an Era of Heightened Threats

Companies are increasingly investing in executive protection due to rising threats, making it a strategic necessity for business continuity and resilience.
Information security
fromSecurityWeek
4 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Information security
fromnews.bitcoin.com
4 days ago

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.
Information security
fromComputerWeekly.com
4 days ago

Banning routers won't fix what's already broken | Computer Weekly

The FCC's ban on foreign-made routers addresses future procurement, not current security risks, as routers are already vulnerable and widely deployed.
Information security
fromThe Hacker News
1 week ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
Information security
fromZDNET
1 week ago

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.
Information security
from24/7 Wall St.
3 weeks ago

With Cyberattacks Surging, Does CrowdStrike or Palo Alto Networks Stand Out?

CrowdStrike's AI-native architecture and Palo Alto's broad platform strategy present distinct investment approaches in a rapidly growing $580 billion cybersecurity market by 2031.
Information security
from24/7 Wall St.
1 month ago

Why Cybersecurity ETF CIBR Belongs in Every Retirement Portfolio Right Now

CIBR tracks cybersecurity companies but has underperformed the broader market over the past five years due to valuation compression in high-growth tech names.
Information security
from24/7 Wall St.
1 month ago

The Cybersecurity ETF That Missed the Boom Entirely

Global X Cybersecurity ETF (BUG) underperforms despite structural growth in cybersecurity spending, returning -3% over five years while competitors and broader indices significantly outpaced it.
[ Load more ]