2025 Data Breach Investigations Report: Third-party breaches double

The exploitation of vulnerabilities has seen another year of growth as an initial access vector for breaches, reaching 20%, according to Verizon’s 2025 Data Breach Investigations Report. Researchers analyzed... Read more »

The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack

The xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest... Read more »

Attackers phish OAuth codes, take over Microsoft 365 accounts

Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics observed involve the attacker... Read more »

British retailer giant Marks & Spencer (M&S) is managing a cyber incident

Marks & Spencer (M&S) confirmed it’s managing a cyber incident after multiple customer complaints surfaced on social media. Marks and Spencer Group plc (M&S) announced it has been managing... Read more »

Chinese Cybercriminals Released Z-NFC Tool for Payment Fraud

Cybercriminals leverage NFC fraud against ATMs and POS terminals, stealing money from consumers at scale. Resecurity (USA) investigated multiple incidents identified in Q1 2025, exceeding several million dollars in... Read more »

1Password provides secure access for AI agents

1Password announced Agentic AI Security capabilities as part of the 1Password Extended Access Management platform, built to secure and govern identities, credentials, and access of autonomous AI agents in... Read more »

Cohesity RecoveryAgent automates time-consuming and manual tasks

Cohesity announced Cohesity RecoveryAgent, a new AI-powered cyber orchestration solution for Cohesity NetBackup and DataProtect customers. RecoveryAgent automates cyber recovery preparation, testing, compliance, and response, enabling customers to recover... Read more »

BlinkOps Security Agent Builder enables organizations to create unlimited AI agents

BlinkOps launched No-Code Security Agent Builder, an enterprise platform that allows security teams to create an unlimited number of custom security agents tailored for their unique environments. The platform... Read more »

Amid uncertainty, Armis becomes newest CVE numbering authority

Amid an uncertain future for vulnerability research, exposure management company Armis has been given the authority to assign CVE IDs to newly discovered vulnerabilities Read more »

Veeam simplifies the protection of organizations’ Microsoft Entra ID users

Veeam Software announced Veeam Data Cloud for Microsoft Entra ID. With Entra ID (formerly Azure AD) facing over 600 million attacks daily, protecting organizations’ digital identity has never been... Read more »
Subscribe to our Newsletter