Latest News

The impact of the Change Healthcare ransomware-caused data breach has increased from 100 million to 190 million individuals.

A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts.

North Korean fake IT workers are more aggressively extorting their employers in response to law enforcement actions.

Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York for $2 million, trojanized RAT builder targets script kiddies.  

The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to North Korea.

CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.  

Four decades of student and educator information was stolen from PowerSchool – tens of millions are potentially affected.

Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect ourselves from social engineering.

Pwn2Own Automotive 2025 has come to an end and participants have earned a total of $886,000 for exploits targeting EV chargers and infotainment systems.

Eclypsium warns that Palo Alto Networks firewalls are impacted by BIOS and bootloader flaws, but the vendor says users should not be concerned.

Conduent has confirmed suffering disruptions due to a cyberattack after government agencies reported service outages.

The continuing advance of AI brings the likelihood of effective, specific vulnerability-targeted new malware automatically produced in hours rather than days or weeks ever closer.

Security data pipeline management startup Axoflow has raised $7 million in a seed funding round led by EBRD Venture Capital.

A malicious campaign has been redirecting macOS users to a fake Homebrew website, infecting them with information stealer malware.

Hackers earned more than $700,000 on the first two days of Pwn2Own Automotive 2025 for EV charger and infotainment exploits.