Category: EN

Exploited Security Vendor Vulnerabilities in 2026

Security vendors were prime targets in the first half of 2026, with 55 confirmed exploitation incidents involving 66 CVEs across the main vendors. Explore the full interactive timeline and charts. This article has been indexed from HACKMAGEDDON Read the original…

Introduction to COM usage by Windows threats

Component Object Model (COM) is a fundamental Windows technology used by legitimate applications for object activation, inter-process communication, automation and language-independent component reuse. Those same qualities make it useful to threat actors. This article has been indexed from Cisco Talos…

Flare unveils new CTI capabilities and Okta support

Flare has announced the expanded capabilities for Flare CTI, and an Okta integration within its Identity Exposure Management (IEM) offering. These updates extend Flare’s identity expertise into tactical threat intelligence use cases and agentic workflows to reshape security operations. As…

SpyCloud automates threat investigations with new Research Agent

SpyCloud has announced the launch of SpyCloud Research Agent, a conversational AI investigation agent now available in its Cybercrime Investigations console. Cybercrime investigations have a tax: hours of manual pivot work that experienced analysts run by instinct and junior analysts…

25-Year-Old Vulnerability Patched in Curl

The latest version of the open source data transfer tool resolves 18 medium and low-severity vulnerabilities. The post 25-Year-Old Vulnerability Patched in Curl appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: 25-Year-Old Vulnerability…

Forescout brings PQC visibility to IT, OT, IoT, and IoMT environments

Forescout has announced the launch of its Post-Quantum Cryptography (PQC) Readiness and Encryption Hygiene Dashboards. The new dashboards are designed to help organizations identify, prioritize, and manage quantum risk across information technology (IT), operational technology (OT), Internet of Things (IoT),…

YesWeHack automates penetration testing with AI-powered agents

YesWeHack announces Agentic Pentest, an on-demand solution using autonomous AI agents to test organisations’ assets and deliver same-day findings. Shaped by YesWeHack’s extensive offensive security experience, Agentic Pentest helps organisations identify vulnerabilities, test their real-world exploitability and uncover attack paths…

Entrust uses biometrics to verify users during high-risk transactions

Entrust has introduced a new approach to preventing account takeover. As attackers increasingly target high-risk moments like account recovery, device changes, and large transactions, organizations need to modernize authentication from verifying access to verifying the real human behind the transaction.…

Seemplicity AI Analysts focus remediation on exploitable risks

Seemplicity has launched AI Analysts for exposure management and response. The autonomous agents replace manual vulnerability triage by working directly within remediation workflows to conduct structured, evidence-based exploitability investigations. The old playbook is broken. AI-generated exploits have collapsed the window…

Breaking the MSP Echo Chamber: The Power of Community

MSPs spend too much time talking to other MSPs and not enough time talking to the people they’re supposed to serve.  That’s Paul Croker’s view of some of the channel’s biggest growth problems.   While most industry events bring technology…

Google Wallet adds TSA Touchless ID for faster airport screening

Google Wallet has joined the Transportation Security Administration’s (TSA) PreCheck Touchless ID program, allowing travelers to pass through security checkpoints using the TSA’s facial comparison technology. The system verifies identity by matching a live photo taken at a checkpoint with…

Bitdefender RealCheck analyzes videos for deepfakes and fraud

Bitdefender has announced the launch of Bitdefender RealCheck, a standalone solution that helps consumers evaluate the authenticity of video content circulating across digital platforms and whether it carries malicious intent, such as financial fraud, credential theft, or defamation. As deepfakes…