Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
Windows 10 end of life
When Windows 10 Dies, Security Risks Multiply
October 24, 2025
As new versions of a widely available operating system like Windows become available, the company offering the software must make decisions regarding the ongoing support and updates for older iterations. In June 2021, Microsoft announced…
Read More >
Insider Risk Report Fortinet
The Human Factor in Cybersecurity
October 21, 2025
Cybersecurity headlines tend to focus on the outside world—state-sponsored hackers, ransomware gangs, and criminal networks. But Fortinet’s latest Insider Risk Report, produced in partnership with Cybersecurity Insiders, shifts the focus to what’s happening inside organizations.…
Read More >
DevSecOps AI Black Duck
DevSecOps Hits AI-Fueled Reality Check
October 17, 2025
A new global survey (sponsored by Black Duck Software) on the use of AI finds DevSecOps teams are deploying code daily or even faster. However, those same professionals indicate security onboarding remains stubbornly manual. Security…
Read More >
AvePoint AI governance intelligent data
Why Governance, Not Innovation, Will Define the Next Era of Enterprise Intelligence
October 16, 2025
Several years into an ongoing AI explosion, the use of AI in enterprise environments is no longer a hypothetical future outcome, but an operational reality. Unfortunately, as organizations continue to accelerate AI adoption, trust in…
Read More >
Cisco SNMP vulnerability
Cisco Patches Actively Exploited Zero-Day in IOS and IOS XE SNMP Subsystem
October 14, 2025
On September 24, 2025, Cisco Systems issued security advisory CVE-2025-20352, which communicated a security vulnerability related to its Cisco IOS Software and Cisco IOS XE Software. Cisco IOS and Cisco IOS XE are operating systems…
Read More >
OT guidance NCSC CISA
Seven Nations Unite on New OT Cybersecurity Guidance
October 13, 2025
In an age of growing convergence of information technology (IT) and operational technology (OT) systems, it is more important than ever to ensure that both are sufficiently protected against cyberthreats. Recent attacks on critical infrastructure…
Read More >
AI classroom students Keeper Security
AI in the Classroom: Promise, Peril, and the Growing Cybersecurity Gap
October 13, 2025
Artificial intelligence has moved into classrooms faster than most schools can keep up. Teachers use it to grade assignments, plan lessons, and spark student creativity. Students use it for research, writing help, and coding projects.…
Read More >
Phantom Taurus advanced persistent threat Unit42
Chinese Hackers Target Diplomacy with Covert Email Breaches
October 12, 2025
With cyber risks on the rise, many state-aligned threat groups have either arrived on the scene or evolved to take advantage of vulnerabilities in the modern landscape. Palo Alto Networks’ threat intelligence and incident response…
Read More >
Ontinue identity threat intelligence cybersecurity
Tokens, SVGs, and Thumb Drives: Inside 2025’s Identity-Centric Attack Wave
October 07, 2025
Cloud-based security service provider Ontinue recently published the 1H 2025 Threat Intelligence Report, which explores the most common cyber risks from the first half of the year. The major findings include threat actors increasingly focusing…
Read More >
Barracuda phishing OAuth Microsoft
Phishing Gangs Expand Targets to Microsoft, Google, and Twilio
October 06, 2025
Phishing has always been a moving target, but the latest data shows just how fast attackers are evolving. Email-based scams that once relied on crude tricks are now weaponizing trusted services, slipping past filters, and…
Read More >
ForcedLeak Salesforce AI agent
Salesforce Vulnerability Chain Exposes AI Agent Risks
October 03, 2025
The role of AI agents continues to expand rapidly within enterprise workflows. A case in point is the Salesforce Agentforce solution. The AI-powered platform allows enterprises to customize autonomous agents to streamline customer engagements and…
Read More >
AI-driven development AI coding Bugcrowd
AI-Driven Development Fuels New Vulnerabilities
October 03, 2025
In the past several years, AI has gone through massive growth, rapidly expanding in capabilities, popularity, and reach. This has led to an explosion of AI-driven development and faster release cycles, but it has also…
Read More >
FBI FLASH Alert Salesforce
FBI Warns of New Salesforce Data Extortion Campaigns
September 30, 2025
The FBI has issued a FLASH alert warning of new data theft and extortion campaigns aimed at Salesforce users. Investigators say two cybercriminal groups are breaking into Salesforce instances through social engineering schemes and compromised…
Read More >
StealC phishing credential theft
How Steganography and Bitbucket Are Delivering the StealC Information Stealer
September 29, 2025
A user opens their email to find what looks to be a legitimate—and urgent—message purporting to be from Meta Support. The email claims that the user’s account has been reported and is scheduled to be…
Read More >
Cursor IDE developer code autorun
New Vulnerability Exposes Developers to Silent Code Execution
September 26, 2025
Developers using the popular AI-powered code editor Cursor may be exposing themselves to silent attacks the moment they open a project. Oasis Security uncovered a critical vulnerability that, unlike the typical IDE flaws rooted in…
Read More >
Kering Gucci Balenciaga data breach
Luxury Fashion Faces a Cyber Reckoning: Kering Breach Exposes Millions
September 24, 2025
Luxury fashion group Kering, which includes such high-end brands as Gucci, Balenciaga, and Yves Saint Laurent, has recently been hit by a major data breach. Malicious actors hacked Kering’s systems to steal vast amounts of…
Read More >
SBOM software supply chain
Why a Shared SBOM Vision Could Be the Key to Securing the Software Supply Chain
September 23, 2025
In an era of increasingly interconnected digital landscapes, the software supply chain is a crucial area to secure, affecting organizations across all sectors. Software supply chain attacks are on the rise among modern threats, and…
Read More >
npm worm supply chain credential theft
How a Self-Propagating npm Attack Is Hunting Developer Secrets
September 23, 2025
A developer runs a routine update, the kind that happens dozens of times a week. Nothing unusual flashes on the screen. But buried inside the new package is a hidden file called bundle.js. The moment…
Read More >
Subscribe for the Latest News

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Consent*
Webinars
Establishing a Proactive Third-Party Risk Management Strategy with Avon
Register Now
Identity Security Essentials: Protecting Against Modern Cyberthreats
Register Now
No More Weak Links: Unleashing NDR and SASE for Hybrid Networks
Register Now