Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
Anthropic AI-automated attack
Inside the First Fully Autonomous Cyber-Espionage Campaign
November 25, 2025
The growth of AI in recent years has led to its widespread use for not only legitimate applications, but cybercriminal operations as well. Threat actors have increasingly turned to AI-enhanced tools for a variety of…
Read More >
cloud security AWS Cloud Trust report
Defining Security, Compliance, and Resilience in the Cloud Era
November 24, 2025
A decade ago, trust in IT mostly meant keeping a tight grip on your own infrastructure. Servers in a datacenter you controlled. Firewalls at the edge. A clear perimeter. That world is gone. Cloud adoption…
Read More >
cybersecurity AI CISO budgets
The Future of Cybersecurity: Trust, Autonomy, and the AI Arms Race
November 24, 2025
Insights from leaders like CISOs are a vital part of threat intelligence, important for organizations to follow in order to maintain effective defenses against an ever-shifting landscape of threats. The RSAC Conference recently released a…
Read More >
Qualys botnet web security
How Botnets Are Weaponizing the Modern Web
November 18, 2025
The threat landscape is always shifting, with traditional tactics and tools often reemerging as attack trends and technological advances make them more profitable once more. The Threat Research Unit (TRU) at Qualys recently discovered a…
Read More >
Arkose Labs threat intelligence automation trust
How Automation Is Rewriting the Rules of Trust Online
November 17, 2025
A recent report from Arkose Labs, Enterprises Under Attack: Quarterly Threat Actor Patterns, reveals a number of trends differentiating Q2 2025 from Q1. The rise of AI and crime-as-a-service is reshaping the global threat landscape,…
Read More >
WordPress plugins GutenKit Hunk Companion
The Mass Exploitation of GutenKit and Hunk Companion
November 15, 2025
In early October, Wordfence, which specializes in WordPress security, discovered a large-scale exploitation campaign had resurfaced. The attack weaponized the long-standing capability-check flaws in two WordPress plugins: GutenKit (CVE-2024-9234) Hunk Companion (CVE-2024-9707 and CVE-2024-11972) “This…
Read More >
cargo theft supply chain Proofpoint
How Cybercriminals Are Turning Remote Access into Real-World Cargo Theft
November 11, 2025
Technological advances and evolving cybercriminal tactics are creating a new landscape of attacks, with updated goals and consequences. Whereas cybercrime traditionally has focused on more abstract aims—though still with significant real-life impacts—like data theft and…
Read More >
agentic AI risk management
Agentic AI: The Blind Spot in Corporate Risk Management
November 10, 2025
Risk management software provider Riskonnect recently released the 2025 New Generation of Risk Report, providing insight into the most pressing risks facing organizations today. The report shows general improvements in risk management, but a significant…
Read More >
agentic access management AAM framework
Oasis Launches Framework for Agentic Access Management
November 07, 2025
The market for agentic AI—the kind of artificial intelligence that can not only analyze data but act on it—is expanding fast. Analysts expect it to grow from $1.83 billion in 2025 to $7.84 billion by…
Read More >
Python
RCE Flaw in Python-SocketIO Exposes a Trusted Assumption
November 04, 2025
For years, Python has been the go-to language for developers who value speed and simplicity. Its clean syntax and massive ecosystem make it easy to get things done fast. The newly disclosed CVE-2025-61765 flaw in…
Read More >
RSA identity security
RSA Report Shows Breaches Surge 69% Amid AI Optimism
November 03, 2025
As dependence on digital identity for access, governance, and automation continues to grow, it becomes more and more important to ensure that identities are managed appropriately and backed up by other forms of authentication to…
Read More >
telecom Europe Salt Typhoon Citrix
China Hackers Exploit Citrix Gateway to Breach European Telecom
November 03, 2025
Cybersecurity programs typically focus on protecting core applications and digital assets. But what if the bad guys start targeting trusted defensive measures? This was the case as reported by Darktrace, a cybersecurity platform provider. Its…
Read More >
zero trust agentic AI
Why Zero Trust Must Evolve for the Age of Agentic AI
November 01, 2025
One of the most sophisticated developments in the recent AI explosion has been the growth of agentic AI technology, capable of autonomous action and decision-making. While the advanced capabilities of AI agents can offer convenience…
Read More >
Qantas ransomware Scattered Lapsus$
Scattered Lapsus$ Hunters Leak Qantas Data Despite FBI Domain Takedown
October 28, 2025
The Qantas data breach from earlier this year has resurfaced. In its latest customer update on the June cybersecurity incident, Qantas has confirmed that stolen customer data has been published to the internet. The company…
Read More >
Arctic Wolf cybersecurity overconfidence
Why Overconfidence Is the Biggest Cyber Risk of 2025
October 27, 2025
In an ongoing period of rising threats and rapidly advancing technology, 2025 has become a year defined by massive human overconfidence in cybersecurity. There is a staggering disparity between how secure users and IT leaders…
Read More >
Windows 10 end of life
When Windows 10 Dies, Security Risks Multiply
October 24, 2025
As new versions of a widely available operating system like Windows become available, the company offering the software must make decisions regarding the ongoing support and updates for older iterations. In June 2021, Microsoft announced…
Read More >
Insider Risk Report Fortinet
The Human Factor in Cybersecurity
October 21, 2025
Cybersecurity headlines tend to focus on the outside world—state-sponsored hackers, ransomware gangs, and criminal networks. But Fortinet’s latest Insider Risk Report, produced in partnership with Cybersecurity Insiders, shifts the focus to what’s happening inside organizations.…
Read More >
DevSecOps AI Black Duck
DevSecOps Hits AI-Fueled Reality Check
October 17, 2025
A new global survey (sponsored by Black Duck Software) on the use of AI finds DevSecOps teams are deploying code daily or even faster. However, those same professionals indicate security onboarding remains stubbornly manual. Security…
Read More >
Subscribe for the Latest News
Webinars
Is Your Security Built for Today’s World?
Register Now
Cloud Ransomware Tabletop: Unpacking an Attack from Detection to Recovery
Register Now
The 4 Levels of Cloud Cyber Resilience: Where Does Your Organization Stand?
Register Now