Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it....
Like many organizations, Goodwill of Greater Grand Rapids faces the risk of cybersecurity attacks. Recently, we experienced an attack that disrupted a portion of our network environment. This...
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent...
Grok — which is owned by Elon Musk’s xAI — will be forced to pay damages of €100,000 ($115,000) a day if it does not comply, according to the ruling.
FreeBSD security advisory (AV26-291)
Ericsson security advisory (AV26-292)
Brian Krebs reports: A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services...
WatchGuard security advisory (AV26-289)
[Control systems] Siemens security advisory (AV26-290)
Senators agreed by unanimous consent early Friday morning to a proposal that funds the Transportation Security Administration (TSA) and other critical agencies in the Department of Homeland...
The Lifenet network, built by medical technology company Stryker, is a system emergency crews use to transmit a patient’s electrocardiogram to a receiving hospital while an ambulance is still en...
The modern enterprise attack surface is no longer confined to corporate networks and endpoints; it now stretches across cloud workloads, supply chains, remote devices, and even operational...
Count the chairman of the Senate Armed Services Committee among the defense-policy experts who say the National Defense Strategy is inadequate in key ways. At a Thursday hearing, Sen. Roger...
Most organizations start by using Microsoft Copilot the way it looks in demos: type a question, get an answer. That works for exploration. For repeatable operational work, it gets expensive quickly.
Weaponizing Legitimate Low-Level Tools: How Ransomware Evades Antivirus Protections Table of Contents Introduction The “Dual-Use Dilemma”: Why Attackers Prefer Legitimate Tools Why Antivirus...
A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps...
The European Union wants to assist with and help modernize a cornerstone cyber cataloging program after a contracting scare last year prompted renewed discussions and concerns over how to sustain...
Verified by Microsoft. Built for Azure. Secured by Wiz.
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and...
It’s not just Hormuz. There’s a second strait in the Middle East vital to global energy markets that Iran is threatening to close if President Donald Trump fails to wind down the Iran war. The...
Alleged RedLine operator faces 30 years, FAUX#ELEVATE compromises enterprises in 30 seconds, and TeamPCP launches cascading supply chain attacks.
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into...
Vulns in Dutch football club's systems didn't just expose data – they let outsiders play with accounts, and even lift stadium bans Dutch football giant AFC Ajax has admitted to a data breach after...
In this week’s weekly roundup, The Cyber Express brings together the latest developments in global cybersecurity news, from high-profile ransomware attacks to emerging risks in AI adoption and...
CERT Polska has received a report about 3 vulnerabilities (from CVE-2026-25099 to CVE-2026-25101) found in Bludit software.
AI agents behave like humans and carry the same risk profile. They operate non-deterministically, can be manipulated through prompt engineering and lack any
US and UK forces seeking tech tender with an April 3 deadline The UK and US are looking for technology to counter the threat posed by underwater drones to ships, harbors and other critical...
This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with
Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from execution to risk leadership. [...]
Part 5: How to achieve resilience, auditability, and AI-scale identity—without betting the bank on someone else’s control plane