On September 8, 2025, malicious new versions of 18 popular npm packages maintained by a developer known as Qix (incl. [email protected], [email protected]) were published to npm. If those versions were pulled...
Google plans to make it easier for users to access AI mode by allowing them to set it as the default, replacing the traditional blue links. [...]
There’s an update to the Salesloft+Drift portal with results from the Mandiant Drift and Salesloft application investigations: Mandiant’s investigation has determined the threat actor took the...
ChatGPT's Projects feature is now feature and second new feature allows you to create new conversations from existing conversations. [...]
iCloud Calendar invites are being abused to send callback phishing emails disguised as purchase notifications directly from Apple's email servers, making them more likely to bypass spam filters to...
Jonathan Greig reports: Federal civilian agencies have until September 25 to patch a vulnerability in popular content management system Sitecore after incident responders said they disrupted a...
The Czech Republic's National Cyber and Information Security Agency (NUKIB) is instructing critical infrastructure organizations in the country to avoid using Chinese technology or transferring...
VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia's judicial system that deliver malware. [...]
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. [...]
AI agents (utilizing LLMs and RAG) are being used within SOCs and SIEMS to both help identify attacks and assist analysts with working more efficiently; however, I’ve done a little bit of research...
Roblox says it will build a system to ensure that adults and children aren't communicating unless they know one another outside the gaming platform.
Back in 2016-2018 when threat actors known as thedarkoverlord (“TDO”) were hacking entities and attempting to extort their victims by sending them emails with details about their family members...
Insights, philosophy, and candor to make you rethink the way you look at data science
Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025. [...]
After the notices from Sitecore and Mandiant on Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its exploited bugs catalog, giving all federal...
The European Commission has fined Google €2.95 billion ($3.5 billion) for abusing its dominance in the digital advertising technology market and favoring its adtech services over those of its...
Wealthsimple, a leading Canadian online investment management service, has disclosed a data breach after attackers stole the personal data of an undisclosed number of customers in a recent incident. [...]
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. [...]
Angus Whitley reports: Qantas Airways Ltd. Chief Executive Officer Vanessa Hudson and her top leadership team were docked A$800,000 ($522,000) in pay for a cyberbreach that impacted millions of...
Microsoft announced that starting this Thursday, all college students in the United States can get a free year of Microsoft 365 Personal. [...]
Identity Governance & Administration (IGA) is critical to keeping data secure, ensuring only the right people have access to the right resources. But legacy IGA is slow, costly, and code-heavy....
A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. [...]
The report contains statistics on mobile threats (malware, adware, and unwanted software for Android) for Q2 2025, as well as a description of the most notable malware types identified during the...
The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q2 2025.
As the attack surface expands and the threat landscape grows more complex, it’s time to consider whether your data protection strategy is fit for purpose
Today’s reminder of the insider threat, from the U.S. Attorney’s Office for the Eastern District of Virginia: ALEXANDRIA, Va. – A U.S. Department of State (DOS) employee was sentenced today to...
Siemens is collaborating with Snowflake, the AI Data Cloud company, to help manufacturers unlock new levels of operational efficiency, scale and AI-driven insights.
Over the last decade, forward-thinking manufacturers have adopted AR solutions with measurable gains that go beyond aesthetics.
IFCO, a global leader in reusable packaging solutions for fresh food, has opened its newest service center in Mesquite, near Dallas, Texas.
RF-based wireless power technologies have emerged as a revolutionary alternative, offering sustainable and operationally efficient solutions.