Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence.

The post Microsoft Patches 137 Vulnerabilities appeared first on SecurityWeek.

While none of the flaws have been exploited in the wild, many of them could lead to arbitrary code execution.

The post Adobe Patches 52 Vulnerabilities in 10 Products appeared first on SecurityWeek.

The startup will invest in accelerating product development, hiring new talent, and expanding its customer base.

The post White Circle Raises $11 Million for AI Control Platform appeared first on SecurityWeek.

The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware.

The post West Pharmaceutical Services Hit by Disruptive Ransomware Attack appeared first on SecurityWeek.

The flaws could allow attackers to inject malicious code, leading to information disclosure and code execution.

The post SAP Patches Critical S/4HANA, Commerce Vulnerabilities appeared first on SecurityWeek.

Over 400 malicious versions of 170 packages were published as part of the new Mini Shai-Hulud campaign.

The post TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack appeared first on SecurityWeek.

Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers.

The post Skoda Data Breach Hits Online Shop Customers appeared first on SecurityWeek.

The incident occurred on April 20 and did not affect customer data in the company’s production and staging environments.

The post SailPoint Discloses GitHub Repository Hack appeared first on SecurityWeek.

A malicious version of the plugin was published to the Jenkins Marketplace late last week.

The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first on SecurityWeek.

The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers.

The post Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested appeared first on SecurityWeek.

Victims span across the aviation, critical infrastructure, energy, logistics, public administration, and technology sectors.

The post Over 500 Organizations Hit in Years-Long Phishing Campaign appeared first on SecurityWeek.

Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust.

The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.

The malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more.

The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek.

Lax extension permissions and improper trust implementation allow attackers to inject prompts in the Claude Chrome extension.

The post Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover appeared first on SecurityWeek.

The company is expanding its platform’s capabilities with the acquisition of SecureIQx and Korbit.ai.

The post Boost Security Raises $4 Million for SDLC Defense Platform appeared first on SecurityWeek.

The fresh browser update resolves critical-severity integer overflow and use-after-free vulnerabilities.

The post Chrome 148 Rolls Out With 127 Security Fixes appeared first on SecurityWeek.

The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages.

The post Vendor Says Daemon Tools Supply Chain Attack Contained appeared first on SecurityWeek.

The startup will invest in expanding its training categories, optimizing video generation, and growing its partnership ecosystem.

The post Herd Security Raises $3 Million for AI-Powered Training Platform appeared first on SecurityWeek.

Likely perpetrated by MuddyWater, the attack combined social engineering, persistence, credential harvesting, and data theft.

The post Iranian APT Intrusion Masquerades as Chaos Ransomware Attack appeared first on SecurityWeek.

The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities.

The post Sophisticated Quasar Linux RAT Targets Software Developers appeared first on SecurityWeek.