SecurityWeek

SecurityWeek is a reliable source for news and articles from experts in information security. It is well-respected among senior information security leaders, researchers, and service providers. The content on SecurityWeek emphasizes strategies, methods, research, and data related to security. Additionally, it covers topics such as online privacy, compliance, cybercrime, and emerging security trends.

International

English

Online/Digital

Outlet metrics

Domain Authority

Ranking

Global

#155746

United States

#57710

Computers Electronics and Technology/Computer Security

#163

Traffic sources

Monthly visitors

Articles

Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023

1 day ago | securityweek.com | Eduard Kovacs

Cybersecurity and application delivery solutions provider Radware has clarified that the vulnerabilities disclosed last week were addressed back in 2023. An advisory published on May 7 by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University revealed that the Radware Cloud Web Application Firewall (WAF) was vulnerable to a couple of filter bypass methods that could allow threat actors to conduct attacks without being blocked by the firewall.
CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor

1 day ago | securityweek.com | Eduard Kovacs

The cybersecurity agency CISA is calling attention to a vulnerability discovered in TeleMessage, a messaging application that was recently used by Trump’s former national security advisor, Mike Waltz. Waltz’s short tenure as national security advisor was marked by two incidents related to the use of messaging applications.
Apple Patches Major Security Flaws in iOS, macOS Platforms

2 days ago | securityweek.com | Ryan Naraine

Apple on Monday pushed out patches for security vulnerabilities across the macOS, iPhone and iPad software stack, warning that code-execution bugs that could be triggered simply by opening a rigged image, video or website. The new iOS 18.5 update, rolled out alongside patches for iPadOS, covers critical bugs in AppleJPEG and CoreMedia with a major warning from Cupertino that attackers could craft malicious media files to run arbitrary code with the privileges of the targeted app.
Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack

2 days ago | securityweek.com | Eduard Kovacs

Illinois-based physical security company Andy Frain Services revealed on Friday that a data breach suffered last year impacts more than 100,000 people. Andy Frain provides security services for major sports arenas, event venues, universities, commercial businesses, airports, and organizations in the transportation industry.
Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits

2 days ago | securityweek.com | Ionut Arghire

Google has agreed to pay $1.375 billion to Texas to settle allegations that it was tracking users’ location even when the feature was disabled, tracking their internet activity in private browsing, and using their biometric data without consent, Attorney General Ken Paxton announced.
437,000 Impacted by Ascension Health Data Breach

2 days ago | securityweek.com | Ionut Arghire

More than 437,000 patients were impacted by a recently disclosed data breach, non-profit healthcare system Ascension Health told the US Department of Health and Human Services (HHS). The incident did not involve Ascension Health’s systems, but a business partner to which Ascension inadvertently exposed patient data, the organization said roughly two weeks ago. The data, Ascension said, was stolen after hackers targeted a vulnerability in third-party software the business partner was using.
Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks

2 days ago | securityweek.com | Ionut Arghire

Two vulnerabilities in DriverHub, a driver software that comes pre-installed on Asus motherboards, can be exploited remotely for arbitrary code execution, New Zealand researcher ‘MrBruh’ says. The issues, tracked as CVE-2025-3462 (CVSS score of 8.4) and CVE-2025-3463 (CVSS score of 9.4) could be exploited via crafted HTTP requeststo interact with DriverHub.
US Deportation Airline GlobalX Confirms Hack

2 days ago | securityweek.com | Eduard Kovacs

Global Crossing Airlines, a US airline operating as GlobalX, has confirmed detecting a breach after hackers leaked data allegedly stolen from its systems. GlobalX was in the news recently for playing an important role in the Trump administration’s deportation campaign, particularly the controversial deportations of Venezuelan gang members to El Salvador. The charter airline’s systems were recently targeted by hackers claiming to be part of the Anonymous movement.
German Authorities Take Down Crypto Swapping Service eXch

2 days ago | securityweek.com | Ionut Arghire

German authorities have announced the takedown of eXch, a cryptocurrency exchange allegedly involved in money laundering and in supporting criminal operations. Established since 2014, eXch provided cryptocurrency swapping services and was advertised on underground platforms as lacking anti-money laundering measures, Germany’s Federal Criminal Police Office (BKA) says.
US Announces Botnet Takedown, Charges Against Russian Administrators

2 days ago | securityweek.com | Eduard Kovacs

The US Department of Justice and the Black Lotus Labs team at telecom company Lumen Technologies announced on Friday the takedown of two proxy services powered by a botnet of thousands of hacked devices. The Justice Department has worked with Lumen and police in the Netherlands and Thailand to dismantle the proxy services named Anyproxy and 5socks. Their domains have been seized and Lumen has disrupted infrastructure by null-routing all traffic to and from known control points.