Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
GPT-5 ChatGPT jailbreak
Researchers Expose GPT-5 Jailbreak Flaws, Outperformed by Hardened GPT-4o
August 19, 2025
In the massive AI explosion of the past several years, AI companies and developers are constantly attempting to improve the performance and capabilities of their products. OpenAI recently announced the release of its newest LLM,…
Read More >
BeyondTrust non-human identities identity security
BeyondTrust Shines a Light on Secrets and Non-Human Identity Risks
August 18, 2025
With constant technological advances, changing privacy standards and regulatory enforcement, and efforts to meet consumer demand for streamlined experiences, the identity landscape is quite different from what it once was, and still evolving. The growth…
Read More >
Menlo Security GenAI phishing deepfake risk
Menlo Security Reveals How GenAI Tools Are Reshaping Work—and Risk
August 16, 2025
Generative AI is reshaping how people work. In January 2025 alone, Menlo Security recorded 10.53 billion visits to AI-related websites. That’s a 50% jump from just 11 months earlier. And most of that activity—an estimated…
Read More >
CISO budgets
Cybersecurity Under Constraint: CISOs’ Budget Growth Hits Five-Year Low
August 13, 2025
IANS Research and Artico Search recently published the 2025 Security Budget Benchmark Report, based on data collected between April and August of this year. The report aims to help security leaders by providing expert insights…
Read More >
cloaking-as-a-service CaaS
How AI Is Helping Cybercriminals Evade Detection—and What Defenders Can Do About It
August 11, 2025
In recent years, the industry of cybercrime-as-a-service has been growing in popularity as threat actors continue to find ways to lower the level of investment—of time, labor, and skill—required to get their attacks up and…
Read More >
Sudo vulnerabilities
Sudo Vulnerabilities Expose Millions of Linux Systems to Privilege Escalation
August 07, 2025
Sudo is a foundational utility in Unix and Linux systems that allows users to execute commands with elevated privileges. It serves as a core mechanism for enforcing administrative boundaries, supporting system operations, package management, and…
Read More >
Allianz data breach
Allianz Life Breach Exposes PII of 1.4 Million Customers in Social Engineering Attack
August 05, 2025
Allianz Life Insurance has experienced a catastrophic data breach affecting the personally identifiable information (PII) of 1.4 million customers, professionals, and employees of the company. The breach occurred via a social engineering attack that compromised…
Read More >
Flashpoint global threat intelligence index
Why Identity, Infrastructure, and Intelligence Now Define Security
August 01, 2025
Security platform and services provider Flashpoint recently published the Flashpoint Global Threat Intelligence Index: 2025 Midyear Edition, a companion and update to the earlier 2025 Global Threat Intelligence Report. The threat landscape has always experienced…
Read More >
FIDO PoisonSeed
FIDO Isn’t Broken—But PoisonSeed Found a Way Around It
July 31, 2025
FIDO (Fast IDentity Online) security keys have earned their reputation as one of the strongest defenses against phishing and account takeover. Built on hardware-backed cryptography, they make it nearly impossible for attackers to steal credentials…
Read More >
Zimperium mobile security
Unsecured Wi-Fi and Mobile Lapses Are Putting Businesses at Risk
July 30, 2025
The summer brings with it a surge in employee travel around the globe. Much of this travel is related to work, such as meeting with clients, attending conferences, and visiting sites. Even among the employees…
Read More >
macOS ZuRu malware
ZuRu Returns to Target macOS with Trojanized Business Apps
July 28, 2025
A backdoor vulnerability known as macOS.ZuRu, first spotted in July 2021, has undergone several subsequent variations since then, the most recent of which contains technical evolutions from previous versions. The threat was initially delivered via…
Read More >
ServiceNow SaaS security
Inside the ServiceNow Count(er) Strike Vulnerability
July 25, 2025
ServiceNow has become a backbone of enterprise IT, helping organizations manage everything from HR workflows to IT service delivery. Its cloud-based platform touches nearly every department in large organizations, making it a central hub for…
Read More >
phishing-as-a-service identity security
Identity Under Siege: How Phishing-as-a-Service and Browser Threats Are Fueling a New Cybercrime Wave
July 23, 2025
The past several years have seen a dramatic rise in identity-based attacks, a concerning trend in the threat landscape that puts many individuals and organizations in danger. Identity-based attacks have emerged as one of the…
Read More >
ToolShell SharePoint
Patch, Persist, Repeat: How ToolShell Is Bypassing SharePoint Defenses
July 22, 2025
A new zero-day exploit campaign is actively targeting Microsoft SharePoint Server, raising urgent concerns for enterprises running on-prem environments. Dubbed “ToolShell” by researchers at Ontinue, the attack chain enables unauthenticated remote code execution and has…
Read More >
Semperis Purple Knight Report
Purple Knight Report Exposes Troubling Gaps in Hybrid Identity Security
July 19, 2025
The security of identity infrastructure is under pressure like never before. As attackers increasingly target the systems that govern access, organizations are discovering they have less control than they assumed. Complex hybrid environments, aging configurations,…
Read More >
deepfake AI Marco Rubio
Deepfake Diplomacy: AI Impostor Exposes Critical Flaws in Cybersecurity
July 18, 2025
The AI explosion in recent years has caused shifts in the way individuals and organizations approach communications and tasks in many areas. Unfortunately, this includes the increasing use of AI-enhanced technologies by cybercriminals to make…
Read More >
CISA KEV exploited vulnerabilities
CISA Flags Four Actively Exploited Vulnerabilities—Some Nearly a Decade Old
July 15, 2025
On July 7, the Cybersecurity and Infrastructure Security Agency (CISA) added four new entries to its Known Exploited Vulnerabilities (KEV) catalog. What stands out about the vulnerabilities isn’t the number, it’s the age. The oldest…
Read More >
Outlook crash VDI reliability
Outlook Crash Sparks Debate Over VDI Reliability and Hidden Security Risks
July 14, 2025
A recent issue with Microsoft’s Outlook email platform has caused the client to crash when users are composing or opening emails. The issue can impact users across all Microsoft 365 Office channels, with users who…
Read More >
Subscribe for the Latest News

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Consent*
Webinars
The End of Legacy SAST & the Rise of Developer-First AppSec
Register Now
Threat Actors Unveiled: Abusing AI: How Adversaries Code, Campaign, and Collaborate with AI
Register Now
Closing the Gap: Understanding the True State of Ransomware Readiness
Register Now