The NCSC and its partner agencies have blown the whistle on an extensive campaign of malicious cyber attacks orchestrated by the Russian state Fancy Bear operation. Read more »
A passkey is an alternative user authentication method that eliminates the need for usernames and passwords. Read more »
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog. The... Read more »
We review RSA 2025 with Vigitrust CEO Mathieu Gorge who looks at the impacts on compliance of AI’s expanding risk surface, the role of the CISO, and a changed... Read more »
A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated attackers to take over admin accounts and... Read more »
A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-47934, in OpenPGP.js... Read more »
Veeam Software launched Veeam Kasten for Kubernetes v8, designed to bring data resilience to both traditional virtual machines (VMs) and cloud-native environments, delivering security and operational efficiency. Veeam Kasten... Read more »
Strider announced new capabilities for Spark, the company’s proprietary AI-powered intelligence engine that is transforming how organizations identify and mitigate risks associated with state-sponsored threats. Industry, government, and academic... Read more »
Organisations using the Databricks and Snowflake platforms will be able to use Capital One’s Databolt tool to secure their data Read more »
South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major... Read more »
