Newspaper

Industry News

General cybersecurity industry news, market trends, and analysis

Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks

AI-driven attacks uncovered in February 2026 automate kill chain and seize Domain Admin credentials in minutes, forcing faster defenses.

The Hacker NewsApr 29, 20262m5

What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)

The Hacker News

Industry News

What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)

Integrated exposure platforms validate exploitability, correlate paths, and reduce priorities to 2%, improving enterprise risk reduction.

The Hacker NewsApr 29, 20267m5

Checkmarx Confirms Data Stolen in Supply Chain Attack

SecurityWeek

Industry News

Checkmarx Confirms Data Stolen in Supply Chain Attack

The hackers exfiltrated the data from Checkmarx’s GitHub environment on March 30, a week after publishing malicious code.

SecurityWeekApr 29, 20263m5

Iranian Cyber Group Handala Targets US Troops in Bahrain

SecurityWeek

Industry News

Iranian Cyber Group Handala Targets US Troops in Bahrain

US service members received WhatsApp messages claiming they would be targeted with drones and missiles.

SecurityWeekApr 29, 20263m5

38 Vulnerabilities Found in OpenEMR Medical Software

SecurityWeek

Industry News

38 Vulnerabilities Found in OpenEMR Medical Software

Some of the vulnerabilities discovered by Aisle can be exploited to access and alter sensitive patient information.

SecurityWeekApr 29, 20262m4

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

The Hacker News

Industry News

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

cPanel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.

The Hacker NewsApr 29, 20262m4

Chrome 147, Firefox 150 Security Updates Rolling Out

SecurityWeek

Industry News

Chrome 147, Firefox 150 Security Updates Rolling Out

The browser refreshes resolve critical and high-severity vulnerabilities that could lead to arbitrary code execution.

SecurityWeekApr 29, 20262m4

The Hacker News

Industry News

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

CISA added two actively exploited CVEs to KEV after confirmed attacks, mandating FCEB patching by May 12, 2026.

The Hacker NewsApr 29, 20262m4

Critical GitHub Vulnerability Exposed Millions of Repositories

SecurityWeek

Industry News

Critical GitHub Vulnerability Exposed Millions of Repositories

The remote code execution flaw CVE-2026-3854 was found to impact GitHub.com and GitHub Enterprise Server.

SecurityWeekApr 29, 20262m4

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

The Hacker News

Industry News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

The Hacker NewsApr 29, 20263m4

Industry News

BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures

Dark Reading

Industry News

BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures

The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.

Dark ReadingApr 28, 20261m4

Industry News

NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later

Dark Reading

Industry News

NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later

Chris Inglis was the head civilian in charge at the NSA when the Snowden leak exploded. He gets candid about mistakes the organization made, and what CISOs need to know about spotting potential threats, media disclosures, and "enculturation."

Dark ReadingApr 28, 20261m4