Sector by sector: How data breaches are wrecking bottom lines

Data breaches are rising across industries, hitting healthcare, finance, and retail especially hard. The damage goes beyond lost data, as it’s financial, operational, and reputational. The post Sector by... Read more »

Organizations can’t afford to be non-compliant

Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs,... Read more »

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices... Read more »

What’s the government up to with digital verification services? ‘ID’ like to know

Is the government really looking to compete with the private sector for provision of digital identity? Such a move risks fundamentally undermining public trust in critical digital verification services Read more »

Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered

Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 41

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware... Read more »

Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S.... Read more »

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here,... Read more »

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

Fortinet warns attackers can keep read-only access to FortiGate devices even after the original vulnerability is patched. Fortinet warns that threat actors can retain read-only access to FortiGate devices... Read more »
Subscribe to our Newsletter