The passkey standard has reached a precarious moment. Let's not blow it, OK?

The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide. [...]

Microsoft says it will soon fix a known issue causing CPU spikes when typing messages in recent versions of its classic Outlook email client. [...]

More than a year after a cyberattack on the government of Long Beach, California, the city is informing residents that information on nearly half a million people was leaked.

“This is my sixth crisis in 45 years of business, and almost all of them have followed a very similar pattern." -Hans Beckhoff

The certification highlights OPSWAT's ability to secure data transfers and safeguard critical OT and IT environments.

ISA won 2025 Gold TRENDY Award for Mimo, an AI-powered large language model that enhances understanding of industrial automation and OT cybersecurity.

He served under then-South Dakota Gov. Kristi Noem, who now heads up the Department of Homeland Security. The post CISA gets new No. 2: Madhu Gottumukkala appeared first on CyberScoop.

The vulnerability threat intelligence firm’s research reinforces a slew of recent reports warning about increased exploits in 2024. The post VulnCheck spotted 159 actively exploited...

More broadly, AI is viewed as being a double-edged sword in cybersecurity, one that can bolster both defensive and offensive operations. The post AI speeds up analysis work for humans, two federal...

In this episode of Uncanny Valley, our hosts explain how to prepare for travel to and from the United States—and how to stay safe.

Just because you're running Apple's rock-solid operating system doesn't mean your privacy is automatically protected. These simple steps will keep you safer.

Requests to block federal agencies from sharing federal data with states and to condition federal election funding were denied by Judge Colleen Kollar-Kotelly. The post Judge tosses citizenship...

In this piece, we'll break down the basics of a nearest neighbor attack, explore the APT28 compromise, and offer tips to help companies stay safe.

XRP Ledger SDK hit by supply chain attack: Malicious NPM versions stole private keys; users urged to update…

At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's...

The Interlock ransomware gang posted samples from a trove of data it is claiming to have stolen from the company.

North Korean IT workers illicitly gaining employment at U.S. and European tech companies are increasingly using generative artificial intelligence in a variety of ways to assist them throughout...

Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call...

As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace...

We’re gearing up for an exciting week in Las Vegas as Kaseya Connect 2025 brings together managed service providers and IT professionals from across the globe.

In this edition, Bill explores how intellectual curiosity drives success in cybersecurity, shares insights on the IAB ToyMaker’s tactics, and covers the top security headlines you need to know.

ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities

The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This...

Blue Shield of California exposed the health data of 4.7 million members to Google for years due to…

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]

The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted...

Google is rolling out an end-to-end encrypted email feature for business customers, but it could spawn phishing attacks, particularly in non-Gmail inboxes.

A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028,...

How It Works Threat reports often contain valuable Indicators of Compromise (IOCs) — hashes, IP addresses, domain names — that security teams need to operationalize quickly. But manually copying...