CISA alert draws attention to spyware’s targeting of messaging apps
The Cybersecurity and Infrastructure Security Agency warned Monday about threat groups using commercial spyware to target messaging apps, and urged users to take protective steps.…
Category: Cyberscoop
This campaign aims to tackle persistent security myths in favor of better advice
Some cybersecurity advice has been around for ages: Frequently change passwords, avoid public Wi-Fi. But most experts say a lot of that knowledge is rooted…
The slow rise of SBOMs meets the rapid advance of AI
Open-source components power nearly all modern software, but they’re often buried deep in massive codebases—hiding severe vulnerabilities. For years, software bills of materials (SBOMs) have…
When trust turns toxic: Lessons from the Salesloft Drift incident
The recent Salesloft Drift breach offered a sobering reminder of how easily trust can be weaponized in today’s SaaS and AI-integrated environments. In this incident,…
Privacy group sues feds over talks with tech companies on ICE raid trackers
A digital privacy group is suing the federal government to obtain records of its communications with technology and social media companies leading up to the…
Legacy web forms are the weakest link in government data security
Federal, state, and local government agencies face a critical vulnerability hiding in plain sight: outdated web forms collecting citizen data through insecure channels. While agencies…
NSO Group argues WhatsApp injunction threatens existence, future U.S. government work
NSO Group argued in a court filing this week that the court should pause the permanent injunction preventing it from targeting WhatsApp with its spyware…
Hundreds of Salesforce customers hit by yet another third-party vendor breach
Salesforce said yet another breach involving a third-party vendor has compromised customers’ data, warning in a security advisory late Wednesday that it detected unusual activity…
SEC drops case against SolarWinds tied to monumental breach
The Securities and Exchange Commission on Thursday dropped its case against SolarWinds and its chief information security officer over its handling of an alleged Russian…
Top Senate Intel Dem warns of ‘catastrophic’ cyber consequences of Trump admin national security firings, politicization
Politicization of intelligence in the Trump administration, as well as the “hollowing out” of government expertise, is leaving the United States dangerously vulnerable to cyberattacks…
Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon
The Federal Communications Commission is set to vote Thursday on whether to rescind a set of last-minute Biden administration regulations following a massive Chinese compromise…
Palo Alto Networks to acquire observability firm Chronosphere for $3.35 billion
Palo Alto Networks announced Wednesday it will acquire Chronosphere, a cloud observability platform, for $3.35 billion in cash and equity, marking the cybersecurity company’s latest…