A new cybersecurity Executive Order aims to modernize federal cybersecurity with key provisions for post-quantum encryption, AI risk and secure software development.On June 6, 2025, the White...

Microsoft confirmed on Tuesday that it's pushing a revised security update targeting some Windows 11 24H2 systems incompatible with the initial update released during this month's Patch Tuesday. [...]

An ISC2 study found that 90% of security hiring managers would consider entry-level candidates with only previous IT work experience

New research from Bitsight reveals that thousands of internet-connected cameras, originally intended for protection, are now creating serious... The post Bitsight reveals global surge in exposed,...

Researchers from SentinelOne have linked the PurpleHaze and ShadowPad activity clusters to China-aligned threat actors with high confidence.... The post SentinelOne links ShadowPad and PurpleHaze...

Xona and Forescout have announced a partnership to deliver secure remote access and enhanced cybersecurity for operational technology... The post Xona, Forescout partner to strengthen OT...

As part of its ongoing commitment to advancing innovation and the safe adoption of new technologies for maritime... The post Cydome announces membership in NVIDIA Inception Program appeared first...

iOT365, a vendor of OT (operational technology) and IoT cybersecurity, announced a partnership with Check Point Software Technologies... The post iOT365, Check Point Software partner to offer...

The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. [...]

Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.

Phishing-as-a-Service, or PhaaS, is a cybercrime model where threat actors offer phishing tools, kits and services to other attackers, often via subscription or one-time payment.

An international law enforcement action codenamed "Operation Secure" targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures,...

Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service failures. [...]

Malwarebytes claims 44% of mobile users are exposed to scams every day

Microsoft has fixed a known issue causing authentication problems on Windows Server domain controllers after installing the April 2025 security updates. [...]

Microsoft has patched two zero days this month, one of which is being exploited in the wild

New data from Cyble points to a significant uptick in software supply chain attacks during April and May,... The post Cyble finds escalating cyber threats in software supply chains across critical...

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and...

Rugged devices are essential for extreme environments, but organizations must realize that their physical strength does not mean they’re safe from cyber threats.

On 2025-06-11, a campaign was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Password spraying, Resource enumeration, targeting Microsoft...

Adobe on Tuesday pushed security updates to address a total of 254 security flaws impacting its software products, a majority of which affect Experience Manager (AEM). Of the 254 flaws, 225 reside...

Cybersecurity researchers have uncovered over 20 configuration-related risks affecting Salesforce Industry Cloud (aka Salesforce Industries), exposing sensitive data to unauthorized internal and...

Many new Apple Intelligence features happen on your device rather than in the cloud. While it may not be flashy, the privacy-centric approach could be a competitive advantage.

June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.

The financially motivated threat actor known as FIN6 has been observed leveraging fake resumes hosted on Amazon Web Services (AWS) infrastructure to deliver a malware family called More_eggs. "By...

A researcher tells CyberScoop that up to 80% of enterprises could be vulnerable to the zero-day Microsoft patched in its June update. The post Microsoft Patch Tuesday addresses 66 vulnerabilities,...

A researcher tells CyberScoop that up to 80% of enterprises could be vulnerable to the zero-day Microsoft patched in its June update. The post Microsoft Patch Tuesday addresses 66 vulnerabilities,...

Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”

Green, R-Tenn., has championed legislation on the cyber workforce, renewal of a cyber threat information sharing bill and more. The post House Homeland Chairman Mark Green’s departure could leave...