CISOs, stop chasing vulnerabilities and start managing human risk
Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security’s 2025 CISO Risk Intelligence Survey, over…
Month: September 2025
Workday Confirms Data Breach – Hackers Accessed Customers Data and Case Information
Workday has confirmed it suffered a data breach after a security incident involving a third-party application that compromised customer information. The breach originated from Salesloft’s…
Chrome Security Update Patches Critical Remote Code Execution Vulnerability
Google has issued an urgent security update for the Chrome browser on Windows, Mac, and Linux, addressing a critical vulnerability that could allow attackers to…
SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws
Sep 10, 2025Ravie LakshmananSoftware Security / Vulnerability SAP on Tuesday released security updates to address multiple security flaws, including three critical vulnerabilities in SAP Netweaver…
Cisco Elevates the SOC with Agentic AI
Cisco today introduced Splunk Enterprise Security Essentials Edition and Splunk Enterprise Security Premier Edition, providing two agentic AI-powered SecOps options that unify security workflows across…
Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts
Sep 10, 2025Ravie LakshmananVulnerability / Software Security Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if…
NAB makes cuts to technology and enterprise operations division
NAB is set to cut 410 “roles” in its technology and enterprise operations division, becoming the second of the ‘big four’ to reduce the size…
Critical infrastructure security tech needs to be as good as our smartphones, top NSC cyber official says
The top cyber official at the National Security Council said Tuesday that he’s dismayed by the lag in security technology embedded in critical infrastructure, saying…
Microsoft Patch Tuesday addresses 81 vulnerabilities, none actively exploited
Microsoft addressed 81 vulnerabilities affecting its enterprise products and underlying Windows systems, but none have been actively exploited, the company said in its latest security…
How External Attack Surface Management helps enterprises manage cyber risk
Every day, businesses spin up new digital services (websites, APIs, and cloud instances) and it can be for security teams to keep track. Somewhere in…
Innovator Spotlight: Oleria – Cyber Defense Magazine
Identity’s New Frontier: How CISOs Can Navigate the Complex Landscape of Modern Access Management The cybersecurity battlefield has shifted. No longer are perimeter defenses and…
Microsoft Patch Tuesday, September 2025 Edition – Krebs on Security
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or…