Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind. But...
Vendors (still) keep mum An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to deploy custom malware, according to Amazon Chief...
NSO Group, the firm behind Pegasus spyware, has a new executive chairman who plans to use his ties to the Trump administration to improve the company’s reputation in the U.S. Speaking with the...
Third-party risk is becoming the dominant attack vector in today’s cybersecurity landscape. Aleksandr Yampolskiy, CEO of SecurityScorecard, warned on the McCrary Institute’s Cyber Focus podcast...
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its...
The United States is facing a perilous turning point in its approach to cybersecurity. While foreign rivals intensify their digital operations, America’s own cyber defenses are shrinking, hampered...
Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating...
Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating...
Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are...
As lines blur between human error and machine intelligence, defense has never been more personal
The future of retail cybersecurity: Explore insights from 220 retail executives on managing AI-driven threats and closing the cyber resilience gap. 44% of retail organizations report a sharp...
Hospitals, energy and water supplies and transport networks will be better protected from the threat of cyberattacks under new laws being introduced in UK Parliament today (12th November). Under...
A cybersecurity breach discovered last week affecting the Congressional Budget Office is now considered “ongoing,” threatening both incoming and outgoing correspondence around Congress’...
US Northern Command has taken a major step in domestic drone defense, certifying its new counter-drone fly-away kit after a weeklong live deployment at Minot Air Force Base. Designed for layered...
Current and former military officers are warning that adversaries are likely to exploit a natural flaw in artificial intelligence chatbots to inject instructions for stealing files, distorting...
The Senate’s approval Monday of a funding package that would reopen the government would also extend authorization of the well-reviewed State and Local Cybersecurity Grant Program. The deal, which...
Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has...
Streamline Security Backlogs by Grouping Vulnerabilities, Secrets, and Data Findings into Posture Issues
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden. [...]
Former DoJ attorney John Carlin writes about hackback, which he defines thus: “A hack back is a type of cyber response that incorporates a counterattack designed to proactively engage with,...
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement's Operation Endgame disrupted its activity in May. [...]
Metropolitan Police lands lengthy sentence following 'complex' investigation The Metropolitan Police's seven-year investigation into a record-setting fraudster has ended after she was sentenced to...
Various touch-ups added as MPs seek greater resilience to attacks on critical sectors UK government introduced the Cyber Security and Resilience (CSR) Bill to Parliament today, marking a...
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates. [...]
As AI agents gain autonomy to act, decide, and access data, traditional Zero Trust models fall short. Token Security explains how to extend "never trust, always verify" to agentic AI with scoped...
Skies are open for mischief as hard-to-trace drones and fast-moving cyber raids promise new wave of disruption Britain's aviation watchdog has warned it's only a matter of time before organized...
Google is suing 25 people it alleges are behind a “relentless” scam text operation that uses a phishing-as-a-service platform called Lighthouse.
Microsoft has disclosed a critical SQL injection vulnerability in SQL Server that could allow authenticated attackers to escalate their privileges over a network. Tracked as CVE-2025-59499 and...
The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies, and transport networks against cyberattacks, linked to annual...
Microsoft has disclosed two critical security vulnerabilities affecting GitHub Copilot and Visual Studio Code that could allow attackers to bypass important security protections. Both flaws were...