Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
More than 20,000 malicious IP addresses and domains used by information-stealing malware were taken down during an international cybercrime crackdown...
Read more →News Archive
View All →
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Jun 11, 2025Ravie LakshmananRansomware / Cybercrime Former members tied to the Black Basta ransomware operation have been observed sticking to...
Read more →
How Amazon Web Services uses AI to be a security ‘force multiplier’
When Amazon Web Services deploys thousands of new digital sensors around the globe, it often runs into a ruthless truth...
Read more →
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed ‘EchoLeak’ is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from...
Read more →
Understanding OWASP Top 10 – Mitigating Web Application Vulnerabilities
The OWASP Top 10 2021 represents the most critical web application security risks facing organizations today, with significant shifts reflecting...
Read more →
Scaling Smart: Federal Leaders Prioritize AI Security and Resilience
The biggest threat to artificial intelligence (AI) in government isn’t hype – it’s inertia. As Federal agencies explore opportunities to...
Read more →
Insyde UEFI Application Vulnerability Enables Digital Certificate Injection Through NVRAM Variable
A critical vulnerability in Insyde H2O UEFI firmware (tracked as CVE-2025-XXXX) allows attackers to bypass Secure Boot protections by injecting...
Read more →
NHS IT the big winner in Reeves’ Spending Review
The NHS has emerged as a big winner from the government’s Spending Review through to 2027 with approximately £10bn allocated...
Read more →
Global law-enforcement operation targets infostealer malware
Listen to the article 2 min This audio is auto-generated. Please let us know if you have feedback. An international...
Read more →
Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives
Two House Democratic leaders are asking a government watchdog to dig into two federally-funded initiatives to catalog software flaws and...
Read more →
How to Conduct a Secure Code Review
Secure code review represents a critical security practice that systematically examines software source code to identify and remediate security vulnerabilities...
Read more →
Outlook Vulnerability Allows Remote Execution of Arbitrary Code by Attackers
Microsoft confirmed a critical security vulnerability (CVE-2025-47176) in Microsoft Office Outlook, enabling attackers to execute arbitrary code. Despite the “Remote...
Read more →