The saga of VMWare’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.

A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet. Discontinued GeoVision video surveillance products are falling victim to botnet attacks ...

EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals.

Palo Alto Networks has released IoCs for the attacks exploiting a newly uncovered firewall zero-day vulnerability.

The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched.

AnnieMac Home Mortgage is informing over 171,000 individuals that their data has been compromised in a hacker attack.

The Library of Congress has notified lawmakers of a “cyber breach” of its IT system by an adversary and a hack of emails.

T-Mobile has also been targeted by the Chinese group Salt Typhoon in a major espionage campaign targeting US telecom ...

Great Plains Regional Medical Center in Oklahoma is notifying over 133,000 individuals that their personal information was compromised in a ransomware attack. The public, not-for-profit healthcare ...

The DHS released guidelines for using artificial intelligence in the power grid, water system, and other critical infrastructure.

The CISO Forum Virtual Summit took place on November 13th in SecurityWeek’s Virtual Conference Center. Watch now on demand.

SurePath AI has raised $5.2 million in seed funding for a solution that helps enterprises securely use generative AI.