Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal

/in

Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution.
The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges,

The Hacker News – ​Read More

How Meta’s new teen accounts aim to keep your kids safer on Facebook

/in

These teen accounts for Facebook and Messenger are packed with restrictions.

Latest stories for ZDNET in Security – ​Read More

Network Access Vendor Portnox Secures $37.5 Million Investment

/in

Texas network access control startup closes a Series B round led by Updata Partners and brings the total raised to $60 million.

The post Network Access Vendor Portnox Secures $37.5 Million Investment appeared first on SecurityWeek.

SecurityWeek – ​Read More

Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding

/in

Spektion has emerged from stealth mode with $5 million in seed funding for its vulnerability management solution.

The post Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding appeared first on SecurityWeek.

SecurityWeek – ​Read More

Octane Raises $6.75M for Smart Contract Security Tech

/in

San Francisco smart contract security startup closes a $6.75 million seed funding round led by Archetype and Winklevoss Capital.

The post Octane Raises $6.75M for Smart Contract Security Tech appeared first on SecurityWeek.

SecurityWeek – ​Read More

Google fixes two Android zero-day bugs actively exploited by hackers

/in

The most severe security bug can be exploited without user interaction, per Google.

Security News | TechCrunch – ​Read More

DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks

/in

While often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks.

The post DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Anecdotes Raises $30 Million for Enterprise GRC Platform

/in

Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million. 

The post Anecdotes Raises $30 Million for Enterprise GRC Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

SAP Patches Critical Code Injection Vulnerabilities

/in

SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws.

The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

Canada says China-linked information campaign spreading false narratives about prime minister

/in

A China-linked information campaign is using a network of WeChat accounts to attack Canadian Prime Minister Mark Carney ahead of the country’s upcoming federal election, authorities said.

The Record from Recorded Future News – ​Read More