Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
May 22, 2025The Hacker NewsSecurity Framework / Cyber Defense It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether…
Latest Cybersecurity News — Page 1915
View all →
Security Theater or Real Defense? The KPIs That Tell the Truth
A critical step in maturing any cybersecurity program is the ability to measure and report on its performance. Yet measuring cybersecurity remains notoriously difficult, often…
FTC finalizes order requiring GoDaddy to secure hosting services
The U.S. Federal Trade Commission (FTC) has finalized an order requiring web hosting giant GoDaddy to secure its services to settle charges of data security…
Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT
Security researcher Sean has successfully identified a zero-day vulnerability in the Linux kernel using OpenAI’s o3 model. The discovery, designated as CVE-2025-37899, represents a significant…
Grafana Zero-Day Vulnerability Allows Attackers to Redirect Users to Malicious Sites
The High-severity cross-site scripting (XSS) vulnerability has been discovered in Grafana, prompting the immediate release of security patches across all supported versions. The vulnerability (CVE-2025-4123)…
Stalkerware apps go dark after data breach
A stalkerware company that recently leaked millions of users’ personal information online has taken all of its assets offline without any explanation. Now Malwarebytes has…
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
May 22, 2025Ravie LakshmananEnterprise Security / Malware A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by…
Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
Marlboro-Chesterfield Pathology (MCP), a full service anatomic pathology lab in North Carolina, was recently targeted in a ransomware attack that resulted in many personal information…
Cisco Identity Services RADIUS Vulnerability Allows Attackers to Trigger Denial of Service Condition
Cisco has disclosed a significant security vulnerability in its Identity Services Engine (ISE) that could enable unauthenticated remote attackers to cause denial of service conditions…
19-Year-Old Admits to PowerSchool Data Breach Extortion
A 19-year-old college student faces charges after pleading guilty to cyber extortion targeting PowerSchool, exposing data of 60 million+ students & 10 million teachers. Learn…
Marks & Spencer Expects Ransomware Attack to Cost $400 Million
UK retailer Marks & Spencer (MKS.L) has shared another update on the impact of the recent cyberattack, and the company estimates that the incident will…
Chrome Vulnerabilities Let Attackers Execute Malicious Code Remotely
Google has released an urgent security update for Chrome after discovering multiple high-severity vulnerabilities that could allow attackers to execute malicious code remotely on users’…