President Joe Biden on Tuesday signed an ambitious executive order on artificial intelligence that seeks to ensure the infrastructure needed for advanced AI operations, such as large-scale data centers and new clean power facilities, can be built quickly and at scale in the United States. The executive order directs federal agencies to accelerate large-scale AI […]

The UK government has introduced a consultation process (running until April 8, 2025) for a proposed ban on ransomware payments by the public sector, and by owners and operators of regulated critical national infrastructure (CNI). The ban on paying ransoms is coupled with more stringent reporting requirements. Organizations outside the ban, and legally able to […]

The World Economic Forum (WEF) Global Cybersecurity Outlook 2025 report examines the challenges and effects caused by an increasingly complex global cybersecurity landscape. The challenges primarily come from new technology, increasing criminal sophistication (both financially motivated and nation-affiliated groups), lengthening supply chains, geopolitical tensions, regulations, and the continuing skills gap. The primary effect is a […]

Cyber threat prevention solutions provider BforeAI on Tuesday announced raising $10 million in Series B funding. The latest funding, which brings the total raised by the company to more than $30 million, was led by Titanium Ventures, with participation from SYN Ventures, Karista, and Addendum Capital. BforeAI previously raised $15 million in a Series A […]

In a recent column, I wrote about the nearly ubiquitous state of artificial intelligence (AI) in software development, with a GitHub survey showing 92 percent of U.S.-based developers using AI coding tools both in and outside of work. Seeing a subsequent surge in their productivity, many are taking part in what’s called “shadow AI” by […]

Several apparently malicious NPM packages linked to Snyk raised some concerns, but the developer security firm said they were part of a research project and suggested that there was no risk to anyone. SourceCodeRed researcher Paul McCarty raised the alarm last week when he spotted the packages on the NPM Registry, warning that the packages […]

Orchid Security, a New York startup building technology in the identity-first security orchestration space, has raised $36 million in an unusually large seed round co-led by Team8 and Intel Capital. The company and its investors are making a big bet on using LLMs (large language models) to address the complexity of managing fragmented identity systems […]

SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect with Cyber Threat Intelligence (CTI). CTI is valuable and beneficial to cybersecurity, […]

Enterprise software maker SAP on Tuesday announced the release of 14 new security notes as part of its January 2025 Patch Day. The most important of the notes are marked ‘hot news’ (the highest SAP severity rating) and address two critical vulnerabilities in NetWeaver AS for ABAP and ABAP Platform, both with a CVSS score […]

CISA and several other Western security agencies have published guidance to help operational technology (OT) owners and operators select secure products. The authoring agencies warn that threat actors are targeting particular OT products rather than specific organizations, pointing out that vulnerable OT products can grant attackers access to the systems of multiple victims across various […]