We can alleviate the expanding burden on the CISO
Every year, October’s Cybersecurity Awareness Month rightly shines a light on the importance of building a security-conscious workforce. But for many chief information security officers…
Month: November 2025
Software Supply Chain Attacks Set Records In October
Software supply chain attacks hit levels in October that were more than 30% higher than any previous month. Threat actors on dark web data leak…
New backdoor exploits OpenAI API for covert C2
SesameOp: New backdoor exploits OpenAI API for covert C2 Pierluigi Paganini November 04, 2025 Microsoft found a new backdoor, SesameOp, using the OpenAI Assistants API…
Media giant Nikkei reports data breach impacting 17,000 people
Image: Nikkei/Masayuki Kozono Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees…
Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks
A critical remote code execution (RCE) vulnerability tracked as CVE-2025-11953 in the @react-native-community/cli NPM package. With nearly 2 million weekly downloads, this package powers the…
The Security Interviews: Colin Mahony, CEO, Recorded Future
“I have always been a data and analytics person,” says Colin Mahony, CEO of Recorded Future. “It’s one of the things I love about Recorded…
Researchers warn of flaws that allow manipulation of Microsoft Teams messages
Critical flaws in Microsoft Teams can be used to allow an attacker to manipulate messages, spoof notifications and even impersonate executives, according to a report…
Bugcrowd acquires Mayhem Security to advance AI-powered security testing
Bugcrowd, a company known for its work in bug bounty and vulnerability disclosure, has announced the acquisition of Mayhem Security, an AI-driven offensive security firm. …
Data breach at major Swedish software supplier impacts 1.5 million
The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier Miljödata that exposed data belonging to 1.5 million people. Miljödata…
Android Hit by 0-Click RCE Vulnerability in Core System Component
Google has released an urgent security alert addressing a critical remote code execution vulnerability affecting Android devices worldwide. The vulnerability, tracked as CVE-2025-48593, exists in…
Europol and Eurojust Dismantle €600 Million Crypto Fraud Network in Global Sweep
Nov 04, 2025Ravie LakshmananCybercrime / Money Laundering Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money…
U.S. Insiders Indicted For Attacks
Federal prosecutors in the United States have charged three individuals for allegedly carrying out a series of ransomware attacks targeting five U.S. companies using BlackCat ransomware, also…