Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
FDA medical manufacturing
FDA Pushes for Cybersecurity in Smart Manufacturing
July 09, 2025
Medical manufacturing is embracing a new wave of digital innovation. Production lines now integrate connected devices, data-driven automation, and analytics platforms designed to improve speed and precision. These advances bring clear operational benefits, but they…
Read More >
memory-safe languages MSLs
Why Memory-Safe Languages Are Now a National Security Priority
July 07, 2025
The United States Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) recently published a joint guide, “The Case for Memory Safe Roadmaps: Why Both C-Suite Executives and Technical Experts Need to Take…
Read More >
WormGPT
WormGPT Reborn: Cybercriminals Hijack Mainstream AI to Power New Variants
July 06, 2025
WormGPT first emerged in 2023 as a blackhat tool built on GPT-J, offering threat actors a way to generate malicious content through an uncensored AI interface. It gained quick traction in underground forums, where it…
Read More >
Brother devices printers vulnerabilities
Critical Vulnerabilities in Brother Devices Expose Millions to Remote Attacks
July 06, 2025
Security researchers at Rapid7 have disclosed eight newly discovered vulnerabilities affecting more than 689 models of Brother devices, including printers, scanners, and label makers. While these kinds of vulnerabilities rarely grab headlines, the scope of…
Read More >
Chrome extensions vulnerabilities
Popular Chrome Extensions Expose Users to Cyber Threats
June 30, 2025
It is tempting to believe that widely used browser extensions are required to follow strict security practices to protect users of popular browsers like Google Chrome, but this is not always the case. The ecosystem…
Read More >
SentinelOne cyber espionage
How SentinelOne Thwarted Cyber Espionage Attempts
June 28, 2025
SentinelOne recently revealed that it was the target of a failed cyber espionage operation carried out by China-linked threat actors. This case is a rare example where a cybersecurity firm itself became the focus of…
Read More >
GodFather mobile malware sandbox
Inside the Sandbox: The Evolution of Mobile Banking Malware
June 27, 2025
The history of mobile malware has been evolving for over 20 years, targeting mobile devices through a wide range of vectors for a variety of ends. Early mobile malware relied on Bluetooth capability to spread…
Read More >
Salesforce low-code vulnerabilities
Salesforce Industry Cloud Vulnerabilities Highlight Hidden Dangers of Low-Code Platforms
June 24, 2025
Low-code platforms like Salesforce’s Industry Cloud promise to speed up digital transformation by making it easier for organizations to build and deploy apps. With tools like OmniStudio, employees can quickly create workflows and interfaces tailored…
Read More >
Qualys Linux core dumps
New Vulnerabilities in Linux Core Dump Handlers Expose Password Hashes
June 23, 2025
Security researchers at Qualys have discovered two new vulnerabilities in popular Linux core dump handlers that could let local attackers extract sensitive data—including password hashes—from crashed programs. The flaws, tracked as CVE-2025-5054 and CVE-2025-4598, affect…
Read More >
ClickFix CAPTCHA phishing
ClickFix and the New Face of Phishing: Why Your Browser Is the Next Battleground
June 23, 2025
Phishing has taken a new and unsettling turn with the emergence of ClickFix, a browser-based tactic that doesn’t rely on fake login pages or malicious downloads. ClickFix masquerades as a security feature, using convincing visual…
Read More >
Victoria's Secret retail Scattered Spider
Victoria’s Secret and the Fashion Industry’s Growing Cybersecurity Crisis
June 17, 2025
On June 3rd, major clothing retailer Victoria’s Secret disclosed a cybersecurity incident affecting the company’s information technology (IT) systems. The attack led to Victoria’s Secret shutting down their website from May 26th to 29th while…
Read More >
Oasis OneDrive OAuth
Unpacking the OneDrive OAuth Crisis
June 13, 2025
Open Authorization (OAuth) is a standard for allowing apps and services to log in to one another while keeping confidential information private, such as when users sign in on a third-party site using their Facebook…
Read More >
Kettering health ransomware
Ransomware Hits Ohio Hospital Network
June 09, 2025
A ransomware attack has knocked out key systems across Kettering Health, a nonprofit network of 14 hospitals and more than 120 outpatient facilities in western Ohio. The incident triggered a large-scale technology outage, forcing the…
Read More >
Adidas digital supply chain
Adidas Discloses Data Breach Linked to Third-Party Customer Service Provider
June 09, 2025
On May 23rd, 2025, athletic apparel company Adidas published a notice disclosing a data breach originating from a cyberattack targeting a third-party customer service provider. The disclosure discusses limited information regarding the source of the…
Read More >
AWS S3 access Aqua Security
AWS Defaults Could Lead to Service Takeover
June 06, 2025
Identity and access management (IAM) is one of the most significant factors in cybersecurity today, yet it is often overlooked or deprioritized in favor of more direct threat prevention technologies and practices. Organizations often struggle…
Read More >
Operation Roundpress Russia Fancy Bear
Kremlin-Linked Hackers Escalate Global Cyber Espionage to Aid War in Ukraine
June 02, 2025
The cyberthreat group known as Fancy Bear and Sednit, among a litany of other names, has been active for over 20 years. In that time, the group is supposed to have been responsible for a…
Read More >
Roblox data privacy lawsuit
Lawsuit Accuses Roblox of Covertly Harvesting Kids’ Data
May 29, 2025
The issue of children’s safety online is an ever-present concern for parents as well as data privacy advocates. As children are allowed access to internet-facing services at a younger and younger age, the tension between…
Read More >
European Union EUVD ENISA
EUVD Aims to Strengthen Cyber Resilience Through Interconnected Intelligence
May 28, 2025
Over time, and especially in recent years, IT environments and attack vectors have grown more and more complex, making it difficult for organizations to defend against rising threats. Multi-cloud environments, remote and hybrid working arrangements,…
Read More >
Subscribe for the Latest News
Webinars
Scaling Code Security for Builders Beyond Developer-First
Register Now
Cyber Resilience in Action: How IBM and Index Engines Deliver a Detection-to-Recovery Pipeline
Register Now
Passwordless Authentication: A Practical Approach to Modernizing Access
Register Now