StackHawk raises $12 million to help security teams tackle AI-powered dev cycles
StackHawk, the shift-left API security platform, announced it has taken on $12 million in additional funding from Sapphire and Castanoa Ventures to help security teams…
Latest Cybersecurity News — Page 1914
View all →
Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
May 22, 2025Ravie LakshmananVulnerability / Software Security Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform…
Lloyds and Nationwide to use UK finance sector LLM
Lloyds Banking Group and Nationwide Building Society are set to roll out a generative AI (GenAI) tool that has been specifically designed for the UK…
Attackers Abuse TikTok and Instagram APIs — API Security
It must be the season for API security incidents. Hot on the heels of a developer leaking an API key for private Tesla and SpaceX…
Chinese hackers breach US local governments using Cityworks zero-day
Chinese-speaking hackers have exploited a now-patched Trimble Cityworks zero-day to breach multiple local governing bodies across the United States. Trimble Cityworks is a Geographic Information…
New NIST Security Metric Aims to Pinpoint Exploited Vulnerabilities
Researchers from the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) have introduced a new security metric designed…
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
May 22, 2025Ravie LakshmananCybersecurity / Vulnerability A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise…
Attackers Exploit BIND DNS Server Vulnerability to Crash Servers Using Malicious Packets
The vulnerability in BIND DNS server software allowed attackers to crash DNS servers by sending specifically crafted malicious packets. This flaw, identified as CVE-2023-5517, could…
Who’s Patching Your Network?
According to Cybersecurity Ventures, cybercrime cost the world an estimated $9.5 trillion last year. Cybercriminals are no longer focused on big targets alone. They want reach.…
Lumma information stealer infrastructure disrupted
The US Department of Justice (DOJ) and Microsoft have disrupted the infrastructure of the Lumma information stealer (infostealer). Lumma Stealer, also known as LummaC or…
Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
May 22, 2025The Hacker NewsSecurity Framework / Cyber Defense It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether…
Security Theater or Real Defense? The KPIs That Tell the Truth
A critical step in maturing any cybersecurity program is the ability to measure and report on its performance. Yet measuring cybersecurity remains notoriously difficult, often…