SecurityWeek

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Two malicious Chrome extensions with over 900,000 downloads were exfiltrating browser data and conversations with ChatGPT and ...
SecurityWeek

Several Code Execution Flaws Patched in Veeam Backup & Replication

CISA’s Known Exploited Vulnerabilities (KEV) catalog includes four weaknesses found in the product in recent years, including ...
SecurityWeek

Vulnerability in Totolink Range Extender Allows Device Takeover

A vulnerability in Totolink EX200 leads to the launch of an unauthenticated root-level Telnet service, allowing complete ...
SecurityWeek

Cybersecurity Firms Secured $14 Billion in Funding in 2025

Cybersecurity companies raised a total of nearly $14 billion in 2025, according to cybersecurity recruitment firm Pinpoint ...
SecurityWeek

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...
SecurityWeek

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Threat actors abuse complex routing and misconfigured protections to spoof domains and send phishing emails that appear to be ...
Opinion
SecurityWeekOpinion

The Loudest Voices in Security Often Have the Least to Lose

Why panic-driven and hype-fueled advice fails in practice and why experienced security leaders prioritize pragmatic, accountable decision-making over noise.