Why an Effective Detection and Response Strategy Must Focus on Very Attacked People (VAPs)
When a business is considering its vulnerabilities and turns to consider which of its people might pose the most of a risk, it’s likely their…
Month: August 2025
CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks
A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to…
Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World
The Trump administration’s radical changes to United States fiscal policy, foreign relations, and global strategy—combined with mass firings across the federal government—have created uncertainty around…
French firm Bouygues Telecom suffered a data breach impacting 6.4M customers
French firm Bouygues Telecom suffered a data breach impacting 6.4M customers Pierluigi Paganini August 08, 2025 Bouygues Telecom suffered a cyberattack that compromised the personal…
KrebsOnSecurity in New ‘Most Wanted’ HBO Max Series – Krebs on Security
A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius…
DARPA’s AI Cyber Challenge reveals winning models for automated vulnerability discovery and patching
The Pentagon’s two-year public competition to spur the development of cyber-reasoning systems that use large language models to autonomously find and patch vulnerabilities in open-source…
New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data
A sophisticated new variant of the DarkCloud information stealer has emerged in the cyberthreat landscape, targeting Windows users through carefully crafted phishing campaigns designed to…
KrebsOnSecurity in New ‘Most Wanted’ HBO Max Series – Krebs on Security
A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius…
OpenAI to fix GPT-5 issues, double rate limits for paid users after outrage
OpenAI’s CEO, Sam Altman, overpromised on GPT-5, and real-life results are underwhelming, but it looks like a new update is rolling out that might address…
Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack
Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning government agencies, educational…
WinRAR zero-day flaw exploited by RomCom hackers in phishing attacks
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability…
Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds
Zhou added in his statement that Securam will be fixing the vulnerabilities Omo and Rowley found in future models of the ProLogic lock. “Customer security…