Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
Qualys Linux core dumps
New Vulnerabilities in Linux Core Dump Handlers Expose Password Hashes
June 23, 2025
Security researchers at Qualys have discovered two new vulnerabilities in popular Linux core dump handlers that could let local attackers extract sensitive data—including password hashes—from crashed programs. The flaws, tracked as CVE-2025-5054 and CVE-2025-4598, affect…
Read More >
ClickFix CAPTCHA phishing
ClickFix and the New Face of Phishing: Why Your Browser Is the Next Battleground
June 23, 2025
Phishing has taken a new and unsettling turn with the emergence of ClickFix, a browser-based tactic that doesn’t rely on fake login pages or malicious downloads. ClickFix masquerades as a security feature, using convincing visual…
Read More >
Victoria's Secret retail Scattered Spider
Victoria’s Secret and the Fashion Industry’s Growing Cybersecurity Crisis
June 17, 2025
On June 3rd, major clothing retailer Victoria’s Secret disclosed a cybersecurity incident affecting the company’s information technology (IT) systems. The attack led to Victoria’s Secret shutting down their website from May 26th to 29th while…
Read More >
Oasis OneDrive OAuth
Unpacking the OneDrive OAuth Crisis
June 13, 2025
Open Authorization (OAuth) is a standard for allowing apps and services to log in to one another while keeping confidential information private, such as when users sign in on a third-party site using their Facebook…
Read More >
Kettering health ransomware
Ransomware Hits Ohio Hospital Network
June 09, 2025
A ransomware attack has knocked out key systems across Kettering Health, a nonprofit network of 14 hospitals and more than 120 outpatient facilities in western Ohio. The incident triggered a large-scale technology outage, forcing the…
Read More >
Adidas digital supply chain
Adidas Discloses Data Breach Linked to Third-Party Customer Service Provider
June 09, 2025
On May 23rd, 2025, athletic apparel company Adidas published a notice disclosing a data breach originating from a cyberattack targeting a third-party customer service provider. The disclosure discusses limited information regarding the source of the…
Read More >
AWS S3 access Aqua Security
AWS Defaults Could Lead to Service Takeover
June 06, 2025
Identity and access management (IAM) is one of the most significant factors in cybersecurity today, yet it is often overlooked or deprioritized in favor of more direct threat prevention technologies and practices. Organizations often struggle…
Read More >
Operation Roundpress Russia Fancy Bear
Kremlin-Linked Hackers Escalate Global Cyber Espionage to Aid War in Ukraine
June 02, 2025
The cyberthreat group known as Fancy Bear and Sednit, among a litany of other names, has been active for over 20 years. In that time, the group is supposed to have been responsible for a…
Read More >
Roblox data privacy lawsuit
Lawsuit Accuses Roblox of Covertly Harvesting Kids’ Data
May 29, 2025
The issue of children’s safety online is an ever-present concern for parents as well as data privacy advocates. As children are allowed access to internet-facing services at a younger and younger age, the tension between…
Read More >
European Union EUVD ENISA
EUVD Aims to Strengthen Cyber Resilience Through Interconnected Intelligence
May 28, 2025
Over time, and especially in recent years, IT environments and attack vectors have grown more and more complex, making it difficult for organizations to defend against rising threats. Multi-cloud environments, remote and hybrid working arrangements,…
Read More >
K-Loader Remcos RAT PowerShell
Qualys TRU Uncovers Fileless PowerShell Loader Delivering Remcos RAT
May 27, 2025
The Qualys Threat Research Unit (TRU) recently uncovered a sophisticated new malware campaign that exemplifies the growing threat of fileless attacks. The culprit is a novel PowerShell-based shellcode loader, informally known as “K-Loader,” that delivers…
Read More >
Coalition cyber insurance
Cyber Claims Stabilize, But Business Email Compromise and Ransomware Still Reign
May 26, 2025
Cybersecurity insurance provider Coalition recently released its 2025 Cyber Claims Report, exploring the cyber threat landscape throughout 2024. The report details trends including a 7% decrease in overall claims frequency among Coalition policyholders, a 3%…
Read More >
SANS RSAC Top 5
The Five Most Dangerous Cyber Threats Emerging in 2025
May 26, 2025
The SANS Institute, a leader in cybersecurity training and certificates, presents a keynote session at RSAC every year, looking at the threat landscape and outlining attack techniques of pressing concern in the upcoming year. Experts…
Read More >
Cyber 4398479 1280
Cybersecurity Awareness Soars, but SMBs Still Falling Behind on AI Defenses
May 23, 2025
Cybersecurity technology provider CrowdStrike, an industry leader in endpoint protection, recently published a report on its State of SMB Cybersecurity Survey. The report explores pressing concerns and evolving trends in the cybersecurity postures of small-…
Read More >
Cellular 5114845 1280
TeleMessage Breach Undermines Secure Messaging for Government Officials
May 22, 2025
TeleMessage, a secure messaging app used by government officials, has suspended all operations following claims by hackers that they breached the company’s internal systems. According to a report by NBC News, the attackers say they…
Read More >
Commvault remote code execution
Critical Flaw in Commvault Exposes Command Center to Remote Code Execution
May 20, 2025
Data protection and data management software company Commvault is an industry leader in cloud data protection, providing cyber resilience solutions to thousands of organizations. Recently, a critical vulnerability was discovered in the Commvault Command Center,…
Read More >
Trellix APT advanced persistent threat cybersecurity
APT Surge Marks Historic High in Cyber Activity Targeting U.S. Telecom
May 15, 2025
The cybersecurity threat landscape has entered a new era of intensity. Trellix’s recently released April 2025 CyberThreat Report revealed what may be the most active period of cyberattacks in U.S. history. Based on telemetry from…
Read More >
Office 620822 1280
Mobile Threats Surge in 2025: Phishing, Sideloading, and Supply Chain Blind Spots
May 14, 2025
Mobile threats are an important consideration in any security strategy, especially as hybrid working environments and bring-your-own-device (BYOD) setups are popular in modern organizations. Mobile security leader Zimperium recently published its 2025 Global Mobile Threat…
Read More >
Subscribe for the Latest News
Webinars
Is Your Security Built for Today’s World?
Register Now
Cloud Ransomware Tabletop: Unpacking an Attack from Detection to Recovery
Register Now
The 4 Levels of Cloud Cyber Resilience: Where Does Your Organization Stand?
Register Now