ICO Warns of Student-Led Data Breaches in UK Schools
Over half (57%) of insider data breaches in UK schools are caused by students, with many children being set up for “a life of cybercrime,” a…
CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access
Ddos September 12, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory about a critical flaw in…
Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA
Ddos September 12, 2025 Domain pattern for Google phishing pages | Image: Okta Okta Threat Intelligence has published a detailed analysis of…
PyInstaller Flaw : Are Your Python Apps Vulnerable to Hijacking?
Ddos September 12, 2025 The PyInstaller project has released fixes for a local privilege escalation vulnerability that affected applications…
New VMScape attack breaks guest-host isolation on AMD, Intel CPUs
A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified…
France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks
French regional healthcare agencies have been targeted by cyber-attacks compromising the personal data of patients across the country. On…
KillSec Ransomware Hits Brazilian Healthcare IT Vendor
A ransomware attack claimed by the group KillSec has disrupted MedicSolution, a software provider serving Brazil’s healthcare sector. On…
Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento
Threat researchers from the Sansec Forensics Team have warned about a critical vulnerability in Adobe Commerce and Magento, an open-source…
Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday
On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is…
GitLab Urges Immediate Update for Two High-Severity Flaws
GitLab has released new versions of its Community and Enterprise Editions to address several security vulnerabilities, including two critical…
Plex tells users to change passwords due to data breach, pushes server owners to upgrade
Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor…
Magento and Adobe SessionReaper Vulnerability Exposes Thousands Of Online Stores to Attacks
Adobe has issued an emergency security patch for a critical vulnerability in its Magento and Adobe Commerce platforms, dubbed…
Innovator Spotlight: Seraphic
Reinventing Browser Security for the Enterprise The Browser: Enterprise’s Biggest Blind Spot On any given day, the humble web browser is…
Wealthsimple Confirms Data Breach After Supply Chain Attack
Canadian fintech firm Wealthsimple has confirmed a data breach that exposed sensitive customer information. The incident, detected on August…
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to…
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the…
Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations
Salesloft on Tuesday announced that it’s taking Drift temporarily offline “in the very near future,” as multiple companies…
WhatsApp warns of 'attack against specific targeted users'
Infosec In brief A flaw in Meta’s WhatsApp app “may have been exploited in a sophisticated attack against specific targeted…
How Businesses Can Protect Themselves Against Data Breaches
The Threat Landscape According to the Identity Theft Resource Center, one billion people have been victims of a data breach in just the second…
Weekly Cybersecurity News Recap : WhatsApp, Chrome 0-Day, AI Ransomware and Cyber Attacks
Welcome to your Weekly Cybersecurity News Recap. This week, the digital world faced a fresh wave of threats, underscoring the relentless…
Banking-as-a-Service
BaaS on a Global Scale Banking-as-a-Service (BaaS) solutions bring exciting new revenue streams to the banking world. This partnership model…
Data Privacy Claims on The Rise as Evolving Regulation, Wave of Litigation, And AI Shape Future Risk Landscape
Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents. The…
TransUnion Data Breach Impacts 4.5 Million US Customers
Credit rating giant TransUnion has suffered a data breach, which has impacted the personal information of nearly 4.5 million Americans. The…
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than…
Nevada Confirms Ransomware Attack, State Data Stolen
A security incident impacting the state of Nevada has been confirmed to be a ransomware attack. Nevada’s chief information officer (CIO)…
ShadowSilk Campaign Targets Central Asian Governments
A series of cyber-attacks against government organizations in Central Asia and the Asia-Pacific has been linked to a threat cluster known as…
New Data Theft Campaign Targets Salesforce via Salesloft App
Salesforce customers have again been targeted in a “widespread data theft campaign,” this time via compromised OAuth tokens…
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay…
Digital Nomads and Cybersecurity: Navigating the New Frontier of Work
We live in an era where your next big idea could come from an employee working out of a cafe in Tokyo or on the beach in Bali. The digital…
Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It
Online PDF editors have become common tools for quick document manipulation, providing convenient alternatives to desktop software. However,…
Ten Years of Resilience, Innovation & Community-Driven Defense
The world of cybersecurity has been a wild ride over the last decade. As attackers stepped up their game year over year, the security…
Weekly Cybersecurity News Recap : Apple 0-day, Chrome, Copilot Vulnerabilities and Cyber Attacks
This past week was packed with high-severity disclosures and active exploitation reports across the global threat landscape. At the forefront,…
How Dealerships Can Protect Their Customers’ Financial Data
Dealerships handle sensitive information, such as credit applications and personal financial records, daily. A data breach can lead to…
How to Develop a Business Continuity Plan for Cyber Security: A Step-by-Step Guide
The figures are appalling – 60% of small businesses fail within six months of a cyber-attack. Cyber attackers are all around us, and…
Wazuh for Regulatory Compliance
Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance…
Colt Admits Customer Data Likely Stolen in Cyber-Attack
Colt Technology Services has confirmed that cybercriminals could leak customer data. This is despite previously claiming the recent cyber…
Orange Data Breach Raises SIM-Swapping Attack Fears
A threat actor has compromised 850,000 Orange Belgium customer accounts, with SIM card numbers and Personal Unblocking Key (PUK) codes among…
Tales from the cloud trenches: The Attacker doth persist too much, methinks
As a result of a recent threat hunt, we observed attacker activity originating from a leaked long-term AWS access key (AKIA*). Within a…