Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
FIDO PoisonSeed
FIDO Isn’t Broken—But PoisonSeed Found a Way Around It
July 31, 2025
FIDO (Fast IDentity Online) security keys have earned their reputation as one of the strongest defenses against phishing and account takeover. Built on hardware-backed cryptography, they make it nearly impossible for attackers to steal credentials…
Read More >
Zimperium mobile security
Unsecured Wi-Fi and Mobile Lapses Are Putting Businesses at Risk
July 30, 2025
The summer brings with it a surge in employee travel around the globe. Much of this travel is related to work, such as meeting with clients, attending conferences, and visiting sites. Even among the employees…
Read More >
macOS ZuRu malware
ZuRu Returns to Target macOS with Trojanized Business Apps
July 28, 2025
A backdoor vulnerability known as macOS.ZuRu, first spotted in July 2021, has undergone several subsequent variations since then, the most recent of which contains technical evolutions from previous versions. The threat was initially delivered via…
Read More >
ServiceNow SaaS security
Inside the ServiceNow Count(er) Strike Vulnerability
July 25, 2025
ServiceNow has become a backbone of enterprise IT, helping organizations manage everything from HR workflows to IT service delivery. Its cloud-based platform touches nearly every department in large organizations, making it a central hub for…
Read More >
phishing-as-a-service identity security
Identity Under Siege: How Phishing-as-a-Service and Browser Threats Are Fueling a New Cybercrime Wave
July 23, 2025
The past several years have seen a dramatic rise in identity-based attacks, a concerning trend in the threat landscape that puts many individuals and organizations in danger. Identity-based attacks have emerged as one of the…
Read More >
ToolShell SharePoint
Patch, Persist, Repeat: How ToolShell Is Bypassing SharePoint Defenses
July 22, 2025
A new zero-day exploit campaign is actively targeting Microsoft SharePoint Server, raising urgent concerns for enterprises running on-prem environments. Dubbed “ToolShell” by researchers at Ontinue, the attack chain enables unauthenticated remote code execution and has…
Read More >
Semperis Purple Knight Report
Purple Knight Report Exposes Troubling Gaps in Hybrid Identity Security
July 19, 2025
The security of identity infrastructure is under pressure like never before. As attackers increasingly target the systems that govern access, organizations are discovering they have less control than they assumed. Complex hybrid environments, aging configurations,…
Read More >
deepfake AI Marco Rubio
Deepfake Diplomacy: AI Impostor Exposes Critical Flaws in Cybersecurity
July 18, 2025
The AI explosion in recent years has caused shifts in the way individuals and organizations approach communications and tasks in many areas. Unfortunately, this includes the increasing use of AI-enhanced technologies by cybercriminals to make…
Read More >
CISA KEV exploited vulnerabilities
CISA Flags Four Actively Exploited Vulnerabilities—Some Nearly a Decade Old
July 15, 2025
On July 7, the Cybersecurity and Infrastructure Security Agency (CISA) added four new entries to its Known Exploited Vulnerabilities (KEV) catalog. What stands out about the vulnerabilities isn’t the number, it’s the age. The oldest…
Read More >
Outlook crash VDI reliability
Outlook Crash Sparks Debate Over VDI Reliability and Hidden Security Risks
July 14, 2025
A recent issue with Microsoft’s Outlook email platform has caused the client to crash when users are composing or opening emails. The issue can impact users across all Microsoft 365 Office channels, with users who…
Read More >
FDA medical manufacturing
FDA Pushes for Cybersecurity in Smart Manufacturing
July 09, 2025
Medical manufacturing is embracing a new wave of digital innovation. Production lines now integrate connected devices, data-driven automation, and analytics platforms designed to improve speed and precision. These advances bring clear operational benefits, but they…
Read More >
memory-safe languages MSLs
Why Memory-Safe Languages Are Now a National Security Priority
July 07, 2025
The United States Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) recently published a joint guide, “The Case for Memory Safe Roadmaps: Why Both C-Suite Executives and Technical Experts Need to Take…
Read More >
WormGPT
WormGPT Reborn: Cybercriminals Hijack Mainstream AI to Power New Variants
July 06, 2025
WormGPT first emerged in 2023 as a blackhat tool built on GPT-J, offering threat actors a way to generate malicious content through an uncensored AI interface. It gained quick traction in underground forums, where it…
Read More >
Brother devices printers vulnerabilities
Critical Vulnerabilities in Brother Devices Expose Millions to Remote Attacks
July 06, 2025
Security researchers at Rapid7 have disclosed eight newly discovered vulnerabilities affecting more than 689 models of Brother devices, including printers, scanners, and label makers. While these kinds of vulnerabilities rarely grab headlines, the scope of…
Read More >
Chrome extensions vulnerabilities
Popular Chrome Extensions Expose Users to Cyber Threats
June 30, 2025
It is tempting to believe that widely used browser extensions are required to follow strict security practices to protect users of popular browsers like Google Chrome, but this is not always the case. The ecosystem…
Read More >
SentinelOne cyber espionage
How SentinelOne Thwarted Cyber Espionage Attempts
June 28, 2025
SentinelOne recently revealed that it was the target of a failed cyber espionage operation carried out by China-linked threat actors. This case is a rare example where a cybersecurity firm itself became the focus of…
Read More >
GodFather mobile malware sandbox
Inside the Sandbox: The Evolution of Mobile Banking Malware
June 27, 2025
The history of mobile malware has been evolving for over 20 years, targeting mobile devices through a wide range of vectors for a variety of ends. Early mobile malware relied on Bluetooth capability to spread…
Read More >
Salesforce low-code vulnerabilities
Salesforce Industry Cloud Vulnerabilities Highlight Hidden Dangers of Low-Code Platforms
June 24, 2025
Low-code platforms like Salesforce’s Industry Cloud promise to speed up digital transformation by making it easier for organizations to build and deploy apps. With tools like OmniStudio, employees can quickly create workflows and interfaces tailored…
Read More >
Subscribe for the Latest News
Webinars
Is Your Security Built for Today’s World?
Register Now
Cloud Ransomware Tabletop: Unpacking an Attack from Detection to Recovery
Register Now
The 4 Levels of Cloud Cyber Resilience: Where Does Your Organization Stand?
Register Now