The percentage of ICS computers on which denylisted internet resources were blocked increased in all regions. This growth is associated with the addition of direct links to malicious code hosted...

Browser extensions boost productivity—but also open the door to hidden risks like data exfiltration and AitM attacks. Keep Aware's Buyer's Guide shows how to gain visibility, enforce policies, and...

As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door firmly locked tight

Introduction: A Security Crisis That Keeps Leaders Awake Did you know that 97% of security professionals admit to losing sleep over potentially missed critical alerts? (Ponemon Institute) It’s not...

Alva Industries (ALVA) announces the completion of the first season of Tech Torqs.

Transform threat intelligence from a cost center to a competitive advantage. Learn how Fortune 500 companies achieve measurable ROI through Intelligence Operations.

Explore a strategic framework for anticipating Vladimir Putin’s foreign policy decisions, from hybrid warfare to nuclear deterrence. Critical insights for global risk, security, and intelligence...

FIA is expanding adoption of Siemens Xcelerator to design and refine next generation race car concepts.

The sheer scale of the global chip market means that any manufacturing defect can have a costly ripple effect.

The last round of fixes before Win 10’s final shout touches 15 product families, including Xbox

Two major hacking groups have pushed the bureau to adapt how they respond to stealthier, more patient attacks, a top FBI official said. The post China’s ‘Typhoons’ changing the way FBI hunts...

The policy roadmap’s digital security text is tame in comparison to the last two years, when the idea of studying a U.S. Cyber Force dominated the debate.

The role American investors are playing in propping up spyware vendors is notable given the aggressive actions the U.S. government has taken to rein in the sector, including through sanctions,...

A DDoS mitigation service provider in Europe was targeted in a massive distributed denial-of-service attack that reached 1.5 billion packets per second. [...]

The Microsoft Store provides a convenient mechanism to install software without needing administrator permissions. The feature is convenient for non-corporate and home users but is unlikely to be...

A candid look into the dynamic evolution of the security industry through the lens of a Data Loss Prevention insider

The Information Security Program Manager will be responsible for providing strategic leadership and management for developing and implementing Information Security Programs for the Citizen Lab as...

Disaster was averted after widely used open-source packages were compromised via social engineering. The post The npm incident frightened everyone, but ended up being nothing to fret about...

Microsoft announced that, starting today, individual Windows developers will no longer have to pay for publishing their applications on the Microsoft Store. [...]

The Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) helps organizations assess and improve their threat intelligence programs by outlining 11 key areas and specific missions where...

This report on cybercrime, hacktivist and APT groups targeting primarily Russian organizations provides an analysis and comparison of their TTPs and divides them into three clusters.

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but attackers made little profit off it. [...]

A segmentation of the attacked ICS computers into categories based on the malware blocked and the sources of its entry which helps to understand the ICS threat landscape better and identify the...

Nearly 200,000 Solana coins were stolen from SwissBorg, or about 2% of its assets, according to the platform's CEO. The company pledged to pay users back.

Google is integrating C2PA Content Credentials into the Pixel 10 camera and Google Photos, to help users distinguish between authentic, unaltered images and those generated or edited with...

Posted by Eric Lynch, Senior Product Manager, Android Security, and Sherif Hanna, Group Product Manager, Google C2PA Core At Made by Google 2025, we announced that the new Google Pixel 10 phones...

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it's opened. [...]

Jaguar Land Rover (JLR) confirmed today that attackers also stole "some data" during a recent cyberattack that forced it to shut down systems and instruct staff not to report to work. [...]

Executive Summary CVE-2025-31324 is a critical remote code execution (RCE) vulnerability affecting the SAP NetWeaver Development Server, one of the core components used in enterprise environments...

Scattered Spider didn't need a zero-day to breach Clorox. They just phoned the help desk—convincing agents to reset passwords & MFA without proper checks. The result: $380M in damages. Learn from...