Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
Open Source Project Security Baseline OSPS
Open Source Project Security Baseline Defines Minimum Security Requirements for Open Source Software
March 05, 2025
Open source software (OSS) forms the foundation of many steps in the software supply chain, so securing it is essential to safeguard vast and diverse networks and data. The Open Source Security Foundation (OpenSSF) is…
Read More >
Paris ethical AI Action Summit
Divergent Paths Emerge as US and UK Decline AI Action Summit Declaration
March 04, 2025
The AI Action Summit in Paris during the second week in February 2025 was a departure on how the international community is approaching artificial intelligence (AI). The two previous international summits concentrated on AI safety…
Read More >
Gcore DDoS
The Escalating Threats of DDoS Attacks
February 28, 2025
Gcore just released its Q3-Q4 2024 Radar DDoS Attack Trends report. The report reveals a significant increase in the total number of distributed denial of service (DDoS) as well as their magnitude. Among many other…
Read More >
API security
How a Single Vulnerability Exposed Millions of Airline Customers
February 26, 2025
In an overwhelmingly digital society, application programming interfaces (APIs) are essential for a wide range of online processes, from financial transactions to logging in on third-party sites using a connected platform. The very accessibility that…
Read More >
DeepSeek China national security
Congress Targets China’s DeepSeek AI in New National Security Bill
February 25, 2025
DeepSeek, the Chinese-based artificial intelligence (AI) company, shocked the world when it released its R1 large language model (LLM). This new AI offering disrupted the established AI LLM market. However, there have been immediate worldwide…
Read More >
VPN brute force DDoS
2.8 Million IPs Target VPN and Security Devices
February 24, 2025
A massive brute force attack is hammering VPNs and security appliances, with attackers using nearly 3 million IP addresses to flood these devices with credential-guessing attempts. According to reports, the attack has been ongoing for…
Read More >
macOS infostealers
macOS Malware Surge: Infostealers Drive a 101% Spike in Attacks
February 20, 2025
Malware attacks on macOS systems have surged recently, with malicious activity especially focused on infostealers. Palo Alto Networks’ Unit 42 found that infostealers make up the largest part of macOS malware introduced in 2024. Some…
Read More >
DOGE Department of Education FERPA
Elon Musk’s DOGE Sparks Controversy at the U.S. Education Department
February 19, 2025
A recent report from The Washington Post has ignited a debate over the role of AI in government oversight. According to the report, Elon Musk’s Department of Government Efficiency (DOGE) has been granted access to…
Read More >
ASP.Net machine keys
The Hidden Dangers of Publicly Disclosed ASP.NET Machine Keys
February 18, 2025
Microsoft has recently issued a notice warning of code injection attacks by an unknown threat actor taking advantage of publicly disclosed ASP.NET machine keys. These are cryptographic keys for encrypting and validating data in ASP.NET…
Read More >
Sneaky 2FA phishing kit
The Rise of Phishing-as-a-Service Targeting Microsoft 365 Accounts
February 14, 2025
Cybersecurity firm Sekoia recently spotted a new phishing kit using an Adversary-in-the-Middle (AitM) technique to target Microsoft 365 accounts. Discovered in December 2024, the Sneaky 2FA phishing kit is a sophisticated phishing-as-a-service (PhaaS) attack from…
Read More >
rsync vulnerabilities
Critical rsync Vulnerabilities Exposed: Over 660,000 Systems at Risk
February 12, 2025
On January 14, Google Cloud and other independent security researchers announced the discovery of six vulnerabilities in rsync, a widely used file synchronization tool. The most severe, CVE-2024-12084, is a buffer overflow flaw in the…
Read More >
Halcyon ransomware
The Rise of RansomHub and Geopolitical Risks
February 11, 2025
Military strategist Sun Tzu wrote over 2000 years ago that it is critical to understand your adversary. This concept is why anti-ransomware platform provider Halcyon publishes their "Ransomware Malicious Quartile (MQ) Power Rankings." They released…
Read More >
Homebrew AmosStealer malvertising
Homebrew Targeted in Malvertising Campaign Distributing AmosStealer Malware
February 10, 2025
The free, open-source software package management system Homebrew is a popular tool for simplifying the process of installing software on macOS and Linux systems. It is entirely run by volunteers and often benefits from user…
Read More >
ransomware agentic AI Malwarebytes
AI, Ransomware, and the Escalating Cybersecurity Battlefield in 2025
February 07, 2025
Cybersecurity in 2025 is caught in a tug-of-war between innovation and exploitation. The rise of agentic AI—AI that can operate autonomously, make decisions, and interact with systems—has reshaped both cyber defense and cybercrime. Security teams…
Read More >
PDF mishing mobile phishing
Cybercriminals Exploit Vulnerabilities in Mobile Phishing Campaign
February 07, 2025
Phishing has been a tried-and-true cyberattack tactic for decades, as it allows threat actors to adapt and expand their methods to take advantage of different technologies and evade many cybersecurity measures. Recent years have seen…
Read More >
Gravatar cloud credential harvesting
Cloud App Impersonations and the Rise of Sophisticated Credential Harvesting
February 04, 2025
There are no safe spaces on the internet. Cybercriminals will exploit any and every opportunity to launch attacks. This has been demonstrated again by researchers at SlashNext, who have uncovered a new credential harvesting campaign.…
Read More >
Sophos mobile access appliance
Critical Flaw Puts Secure Mobile Access Appliances at Risk
February 04, 2025
SonicWall has issued an urgent warning about a newly discovered zero-day vulnerability, CVE-2025-23006, in its Secure Mobile Access (SMA) 1000 Series appliances. This flaw leaves affected devices open to full system compromise, enabling attackers to…
Read More >
Arcus Media ransomware Halcyon
Arcus Media: The Rising Ransomware Threat Redefining Modern Cybersecurity Defenses
January 29, 2025
Ransomware continues to evolve as one of today’s most formidable cyber threats. Cybercriminals continue to refine their tactics to inflict the most damage possible and, ultimately, increase the likelihood of a ransom payment. Over the…
Read More >
Subscribe for the Latest News
Webinars
Securing the AI Frontier: Defending the Enterprise Ecosystem with Prisma AIRS
Register Now
Scaling Secure Development: Modern Code Security Without Slowing Innovation
Register Now
When Your Cloud Directory Goes Dark: Recovering Entra ID After a Cyberattack
Register Now