The acquisition creates the world’s largest association for data, software, systems and standards professionals.

Learn more about how synthetic identities and AI-powered deepfakes enable fraud, sanctions evasion, and insider threats—and how enterprises can defend.

Multiple vulnerabilities have been discovered in VMware Aria Operations and VMware Tools, the most severe of which could allow for privilege escalation to root. VMware Aria is a multi-cloud...

The governmment continues to enforce contractors’ obligations to adhere to cybersecurity standards in their Department of Defense (DoD, now Department of War) contracts. A press release today...

Phantom Taurus has stolen sensitive data from ministries of foreign affairs, embassies, diplomats and telecom networks in the Middle East, Africa and Asia, researchers said. The post Palo Alto...

The vulnerability carries a severity score of 10 out of 10 and has caused alarm among cybersecurity experts who have criticized Fortra for not saying whether it has seen the bug being exploited.

People in the United Kingdom are no longer able to access content hosted on the Imgur, a popular media sharing site, after a UK data watchdog warned it may impose a monetary penalty on the parent...

A DHS inspector general report found that CISA doesn’t have plans for what to do with AIS if the Cybersecurity Information Sharing Act lapses. The post Watchdog: Cyber threat information-sharing...

Wiz and the leading CSPs are launching one of the largest hacking competitions ever to secure the open-source software powering the cloud ecosystem

The Federal Trade Commission (FTC) is suing Sendit's operating company and its CEO for unlawful collection of data from underage users, as well as deceptive subscription practices. [...]

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential...

A civil complaint filed by the federal government alleges that the Sendit app illegally collected data from users under 13 and tricked people into paying for subscriptions.

Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. [...]

The shutdown, confirmed by internet monitoring groups NetBlocks, Kentik and Proton VPN, began late Monday and continued into Tuesday, affecting both mobile and fixed-line services. Telephone...

Written by: Omar ElAhdan, Matthew McWhirt, Michael Rudden, Aswad Robinson, Bhavesh Dhake, Laith Al Background Protecting software-as-a-service (SaaS) platforms and applications requires a...

Today, Microsoft announced the release of Windows 11 25H2, also known as Windows 11 2025 Update. [...]

Apple has rolled out a series of important security updates across multiple platforms, addressing a vulnerability affecting the system font parser. These Apple security updates cover iOS, iPadOS,...

Google has launched a new AI-based protection in Drive for desktop that can shut down an attack before it spreads—but its benefits have their limits.

The Quadient DS-700iQ is a high-volume folder-inserter machine designed for automating the process of assembling, folding, and inserting mail into envelopes for large mailing operations. It...

The Quadient DS-700iQ is a high-volume folder-inserter machine designed for automating the process of assembling, folding, and inserting mail into envelopes for large mailing operations. It...

Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. [...]

CERT Polska has coordinated disclousure of 9 vulnerabilities (CVE-2025-7063, CVE-2025-7065 and from CVE-2025-8116 to CVE-2025-8122) found in PAD CMS software.

Google can create and manage passkeys from your browser, but the process is more involved than it suggests.

Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. [...]

Congress should protect makers of devices and messaging apps from lawsuits when their products are infected with spyware, a think tank says, with the goal of improved threat hunting and...

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding five new security flaws that are confirmed to be under...

VMware certification is surging as IT teams face hybrid infra, cloud complexity, & rising risks. See how VMUG Advantage helps practitioners & enterprises turn certification into stronger security...

Microsoft says it has "partially" resolved a known issue that caused problems when trying to play DRM-protected video in Blu-ray/DVD/Digital TV applications. [...]

Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems. [...]