UK retail giant Marks & Spencer has confirmed it is managing a cybersecurity incident, following several days of service disruption that affected store operations and customer experiences. The...

StrictlyVC is heading to London on May 13, uniting top investors and entrepreneurs to spark meaningful connections and drive forward innovation. We’re thrilled to welcome industry leaders like...

Following the death of Pope Francis, the Vatican is preparing to organize a new conclave in less than 20 days. This is how they’ll tamp down on leaks.

Verizon’s 2025 Data Breach Investigations Report noted a 37% increase in ransomware attacks and a 34% increase in exploited vulnerabilities. The post Verizon discovers spike in ransomware and...

Verizon’s 2025 Data Breach Investigations Report noted a 37% increase in ransomware attacks and a 34% increase in exploited vulnerabilities. The post Verizon discovers spike in ransomware and...

​Microsoft has resolved a known issue causing Remote Desktop sessions to freeze on Windows Server 2025 and Windows 11 24H2 devices. [...]

Microsoft has fixed several known issues that caused Blue Screen of Death (BSOD) and installation issues on Windows Server 2025 systems with a high core count. [...]

Thousands of students, teachers and administrators had information stolen from the Baltimore City Public Schools system during a ransomware attack in February.

The FBI on Wednesday said it recorded a “staggering” $16.6 billion in cybercrime losses to businesses and individuals, the highest for both figures since the hub’s establishment in 2000.

The 2025 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation was present in 20% of breaches — a 34% increase year-over-year. To support the report, Tenable...

In the past year Microsoft observed AzureChecker(Storm-1977) launching password spray attacks, against cloud tenants in the education sector. The actor used AzureChecker.exe (CLI tool that is...

During an investigation, Mandiant identified evidence that a threat actor had discovered cloud access keys stored in plain text on a compromised on-premises network. The threat actor was able to...

ARMO’s research team uncovered two cryptojacking campaigns targeting a deliberately exposed Kubernetes honeypot running Apache Druid, leveraging the known CVE-2021-25646 vulnerability for...

Independent testing by SplxAI found GPT-4.1 was three times more likely than its predecessor to bypass security safeguards and allow intentional misuse The post Outside experts pick up the slack...

Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace...

Fake Alpine Quest app laced with spyware was used to target Russian military Android devices, stealing location data,…

Do passcodes really protect you more from warrantless phone searches than biometrics? It's complicated.

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow...

Russia-linked phishing attacks targeting NGOs with ties to Ukraine ask victims to join a video call, and result in them gaining access to Microsoft 365 accounts,

Marks & Spencer (M&S) has disclosed that it is responding to a cyberattack over the past few days that has impacted operations, including its Click and Collect service. [...]

The UK communications regulator Ofcom has banned leasing of "Global Titles," a special phone number type used in mobile network signaling, in a landmark decision to counter growing threats from...

An SSL.com vulnerability allowed attackers to issue valid SSL certificates for major domains by exploiting a bug in…

U.S. government agencies are required to bring their Microsoft 365 cloud services into compliance with a recent Binding Operational Directive. Here’s how Tenable can help.OverviewMalicious threat...

An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. [...]

KEY TAKEAWAYS Since early March 2025, Volexity has observed multiple Russian threat actors aggressively targeting individuals and organizations with ties to Ukraine and human rights. These recent...

As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for...

The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity

In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and...

A hands-on walkthrough of how to use Wiz to find sensitive data and uncover who can access it.

A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs