Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
OT security Dragos
The Hidden Cost of OT Cyber Disruption
September 01, 2025
Operational technology has become a prime target for cyberattacks, and the stakes are growing. These are the systems behind factories, power grids, and transit networks. When they fail, the disruption spreads well beyond the IT…
Read More >
ransomware credentials data exfiltration
Why Credential Theft and Data Exfiltration Are Outpacing Ransomware
August 29, 2025
Due to the constant evolution of the threat landscape, the common reputation of ransomware is no longer representative of reality. While many think of ransomware solely as hackers compromising and encrypting sensitive files in order…
Read More >
certificates post quantum cryptography
47-Day Certificates and Quantum Computing: Why Crypto Agility Can’t Wait
August 29, 2025
Digital trust is now entering one of the most disruptive periods in its history. Two forces are converging that will redefine how organizations secure their data and transactions: The radical shortening of SSL/TLS certificate lifespans…
Read More >
Erlang/OTP
Critical Erlang/OTP SSH Flaw Actively Exploited, OT Networks in Crosshairs
August 26, 2025
Attackers are now actively exploiting a critical flaw in Erlang/OTP’s SSH implementation (CVE-2025-32433), with most activity targeting operational technology (OT) environments. The flaw, which enables arbitrary code execution in the context of the SSH daemon,…
Read More >
Russia breach federal court system
Russia Suspected in Years-Long Breach of Federal Court System
August 25, 2025
Companies and government institutions alike have long been on the alert for cyber incidents motivated by foreign interests. In an environment like the geopolitical landscape of the past several years, especially, major cyberattacks from overseas…
Read More >
Exchange server vulnerabilities
Tens of Thousands of Exchange Servers Still Unpatched, Leaving Cloud Domains at Risk
August 22, 2025
In April, Microsoft disclosed CVE-2025-53786, a high-severity flaw in on-premises Exchange Server that can give attackers a direct route to compromising connected Microsoft cloud environments. Four months later, more than 29,000 Exchange servers exposed to…
Read More >
GPT-5 ChatGPT jailbreak
Researchers Expose GPT-5 Jailbreak Flaws, Outperformed by Hardened GPT-4o
August 19, 2025
In the massive AI explosion of the past several years, AI companies and developers are constantly attempting to improve the performance and capabilities of their products. OpenAI recently announced the release of its newest LLM,…
Read More >
BeyondTrust non-human identities identity security
BeyondTrust Shines a Light on Secrets and Non-Human Identity Risks
August 18, 2025
With constant technological advances, changing privacy standards and regulatory enforcement, and efforts to meet consumer demand for streamlined experiences, the identity landscape is quite different from what it once was, and still evolving. The growth…
Read More >
Menlo Security GenAI phishing deepfake risk
Menlo Security Reveals How GenAI Tools Are Reshaping Work—and Risk
August 16, 2025
Generative AI is reshaping how people work. In January 2025 alone, Menlo Security recorded 10.53 billion visits to AI-related websites. That’s a 50% jump from just 11 months earlier. And most of that activity—an estimated…
Read More >
CISO budgets
Cybersecurity Under Constraint: CISOs’ Budget Growth Hits Five-Year Low
August 13, 2025
IANS Research and Artico Search recently published the 2025 Security Budget Benchmark Report, based on data collected between April and August of this year. The report aims to help security leaders by providing expert insights…
Read More >
cloaking-as-a-service CaaS
How AI Is Helping Cybercriminals Evade Detection—and What Defenders Can Do About It
August 11, 2025
In recent years, the industry of cybercrime-as-a-service has been growing in popularity as threat actors continue to find ways to lower the level of investment—of time, labor, and skill—required to get their attacks up and…
Read More >
Sudo vulnerabilities
Sudo Vulnerabilities Expose Millions of Linux Systems to Privilege Escalation
August 07, 2025
Sudo is a foundational utility in Unix and Linux systems that allows users to execute commands with elevated privileges. It serves as a core mechanism for enforcing administrative boundaries, supporting system operations, package management, and…
Read More >
Allianz data breach
Allianz Life Breach Exposes PII of 1.4 Million Customers in Social Engineering Attack
August 05, 2025
Allianz Life Insurance has experienced a catastrophic data breach affecting the personally identifiable information (PII) of 1.4 million customers, professionals, and employees of the company. The breach occurred via a social engineering attack that compromised…
Read More >
Flashpoint global threat intelligence index
Why Identity, Infrastructure, and Intelligence Now Define Security
August 01, 2025
Security platform and services provider Flashpoint recently published the Flashpoint Global Threat Intelligence Index: 2025 Midyear Edition, a companion and update to the earlier 2025 Global Threat Intelligence Report. The threat landscape has always experienced…
Read More >
FIDO PoisonSeed
FIDO Isn’t Broken—But PoisonSeed Found a Way Around It
July 31, 2025
FIDO (Fast IDentity Online) security keys have earned their reputation as one of the strongest defenses against phishing and account takeover. Built on hardware-backed cryptography, they make it nearly impossible for attackers to steal credentials…
Read More >
Zimperium mobile security
Unsecured Wi-Fi and Mobile Lapses Are Putting Businesses at Risk
July 30, 2025
The summer brings with it a surge in employee travel around the globe. Much of this travel is related to work, such as meeting with clients, attending conferences, and visiting sites. Even among the employees…
Read More >
macOS ZuRu malware
ZuRu Returns to Target macOS with Trojanized Business Apps
July 28, 2025
A backdoor vulnerability known as macOS.ZuRu, first spotted in July 2021, has undergone several subsequent variations since then, the most recent of which contains technical evolutions from previous versions. The threat was initially delivered via…
Read More >
ServiceNow SaaS security
Inside the ServiceNow Count(er) Strike Vulnerability
July 25, 2025
ServiceNow has become a backbone of enterprise IT, helping organizations manage everything from HR workflows to IT service delivery. Its cloud-based platform touches nearly every department in large organizations, making it a central hub for…
Read More >
Subscribe for the Latest News
Webinars
5 SIEM Migration Myths Debunked: Why You Should Move to a Cloud-Native, AI-Driven SOC
Register Now
Securing the AI Frontier: Defending the Enterprise Ecosystem with Prisma AIRS
Register Now
Takeaways from Major Open Source Library Attacks
Register Now