Trellix investigating breach of source code repository
The cybersecurity company said there is no immediate evidence of code being exploited or released. Source link
Category: CyberSecurityDive
New MOVEit vulnerabilities prompt urgent patch warning
Progress Software warned customers to immediately upgrade the file-transfer tool to fix the serious flaws. Source link
Critical vulnerability in cPanel leads to widespread exploitation
Researchers warn that threat activity continues to surge, including brute force attacks and ransomware. Source link
US and allies urge ‘careful adoption’ of AI agents
New guidance from a coalition of Western governments underscores the difficult-to-predict risks of still-evolving agentic tools. Source link
White House questions tech industry on defensive AI use, cybersecurity resilience
Companies may be reluctant to answer some of the government’s questions, given the sensitive topics they address. Source link
As email phishing evolves, malicious attachments decline and QR codes surge
A new Microsoft report also describes the collapse of a once-dominant tool for generating phishing websites with fake CAPTCHAs. Source link
US agencies promote zero-trust practices for operational technology networks
Many zero-trust defenses work differently in industrial environments than in traditional business networks, five federal agencies said in newly published guidance. Source link
PwC partners with Google Cloud to take on the managed security market
The professional services firm is stepping up its managed security ambitions with a Google Cloud-powered service that leans on agentic AI. The target market is…
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
Russia has used one of the flaws, security experts said, while North Korea has used the other. Source link
State CISOs losing confidence in ability to manage cyber risks
Deloitte-NASCIO study shows AI, budget pressures are forcing states to make tough decisions. Source link
North Korea-linked actor targets Web3 execs in social-engineering campaign
Founders and other top executives were compromised to gain access to crypto wallets. Source link
‘Fundamental tension’ undermines manufacturers’ cybersecurity
A simple security mistake caused roughly one-quarter of all financial losses in the sector in 2025, cybersecurity insurer Resilience said. Source link