Identity management was hard, AI made it harder

Identity security is becoming a core part of cybersecurity operations, but many organizations are falling behind. A new report from SailPoint shows that as AI-driven identities and machine accounts... Read more »

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic’s National Cyber and Information Security Agency... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean APT37 targeting South... Read more »

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Week in review: Several companies affected by the Salesloft Drift breach, Sitecore 0-day vulnerability

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift breach In the... Read more »

Qantas cuts executive bonuses by 15% after a July data breach

Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after... Read more »

MeetC2 – A serverless C2 framework that leverages Google Calendar APIs as a communication channel

MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background: Modern adversaries increasingly hide command-and-control (C2) traffic inside cloud... Read more »

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under... Read more »

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 (CVSS score of 9.9), in SAP... Read more »

Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. Read more »
Subscribe to our Newsletter