Google’s $32B Wiz Acquisition Set to Become Israel’s Largest Tech Deal Ever

Google’s $32 billion Wiz acquisition is nearing completion, marking a record Israeli tech exit and a major bet on cloud security.

OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap

OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity

Iranian MOIS Actors & the Cyber Crime Connection

Key Points: Iran-linked actors are increasingly engaging with the cyber crime ecosystem. Their activity suggests a growing reliance on criminal tools, services, and operational models...

When your DDoS mitigation provider goes down: Why traffic control can’t be outsourced

Since the headline-grabbing outages of 2021, we’ve had recurring conversations with large enterprises asking some version of the same question. Do we really want our...

CVE-2026-21262 SQL Server Elevation of Privilege Vulnerability

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

Honeywell IQ4x BMS Controller

Successful exploitation of this vulnerability could allow an unauthorized attacker to access controller management settings, control components, disclose information, or cause a denial-of-service...

BeatBanker: A dual‑mode Android Trojan

Recently, we uncovered BeatBanker, an Android‑based malware campaign targeting Brazil. It spreads primarily through phishing attacks via a website disguised as the Google Play...

Buffer Overflow in LLDP OUI field

CVSSv3 Score: 7.7. A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FortiSwitchAXFixed may allow an...

Authentication rate-limit bypass permits to brute force admin logins

CVSSv3 Score: 7.3. An Improper Control of Interaction Frequency vulnerability in FortiWeb may allow a remote unauthenticated attacker to bypass...

Authentication Lockout Bypass via Race Condition

CVSSv3 Score: 3.4. An improper restriction of excessive authentication attempts vulnerability in FortiManager and FortiAnalyzer may allow an attacker to...

Latest article

Deploy AWS applications and access AWS accounts across multiple Regions with IAM Identity Center

If your organization relies on AWS IAM Identity Center for workforce access, you can now extend that access across multiple AWS Regions...

CVE-2026-26017 CoreDNS ACL Bypass

Information published.

Malicious npm Packages Posing as Solara Executor Target Discord, Browsers, and Crypto Wallets

JFrog security researchers Guy Korolevski and Meitar Palas uncovered a sophisticated supply chain attack on the npm ecosystem on March 12, 2026, in which...

Ivanti Connect Secure Zero-Day Vulnerability

What are the Vulnerabilities? Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283,...