SecurityWeek

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

RCE vulnerability in Apache ActiveMQ Classic that remained unnoticed for 13 years can be exploited via an Jolokia API.

Penta Security Wins 8 Categories at the 2026 Cybersecurity Excellence Awards

Leading cybersecurity firm, Penta Security, recognized across web application security, data security, passwordless ...

Naftiko Launches Alpha of Open-Source Framework That Turns API Sprawl Into Governed Capabilities for AI

Large enterprises manage an average of 1,295 SaaS applications and over 14,000 internal APIs. PARIS, ÎLE-DE-FRANCE, ...

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

Researchers found thousands of exposed API keys across 10 million webpages, including AWS, Stripe, and OpenAI credentials left vulnerable in public code.

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to ...
Security Boulevard

The Complete Guide to Passwordless Authentication in 2026: How It Works, Why It Matters, and How to Implement It

Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely. Here ...

Critical Cisco IMC auth bypass gives attackers Admin access

Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Anchor Browser Launches OmniConnect, Eliminating the #1 Cause of Enterprise Computer Use Failure

New infrastructure integration with 1Password gives computer use agents self-healing authentication - solving the ...
Blockonomi

Dangerous AI Routers Targeting Cryptocurrency Developers: A New Security Threat

UC researchers discovered 26 malicious LLM routers stealing crypto credentials. Learn how these AI tools pose security risks to blockchain developers.
Biometric Update

USCIS explores remote identity verification for immigration services

U.S. Citizenship and Immigration Services (USCIS) issued a Request for Information from on remote document authentication and ...
Dark Reading

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have ...