SecurityWeek

The proposed $491 million cut is being positioned as a “refocusing”of CISA on its core mission “while eliminating weaponization and waste.”

The new investment values Doppel at $205 million and provides runway to meet enterprise demand for AI-powered threat detection tools.

Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed.

CISA has flagged a critical-severity Commvault vulnerability as exploited one week after technical details were released.

A 25-year-old has admitted hacking Disney systems and leaking data under the guise of a hacktivist collective named NullBulge.

The DragonForce ransomware group has claimed responsibility for the recent cyberattacks on UK retailers Co-op, Harrods, and M&S.

PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog.

Thirty-one cybersecurity merger and acquisition (M&A) deals were announced in April 2025.

EU privacy watchdog fined TikTok $600 million after a four-year investigation found that data transfers to China put users at risk of spying, in breach of strict EU data privacy rules.

The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations.

Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police.

Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks.

Nova Scotia Power’s investigation has shown that the recent cyberattack resulted in the theft of some customer information.

Hundreds of companies showcased their products and services this week at the 2025 edition of the RSA Conference in San Francisco.

Microsoft is prioritizing passwordless sign-in and sign-up methods, and is making new accounts passwordless by default.

Ukrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses.

Nova Scotia Power and Emera are responding to a cybersecurity incident that impacted IT systems and networks. 

The advantages AI tools deliver in speed and efficiency are impossible for developers to resist. But the complexity and risk created by AI-generated code can’t be ignored.

Commvault provides indicators of compromise and mitigation guidance after a zero-day exploit targeting its Azure environment lands in CISA’s KEV catalog.

ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.