In a chilling revelation for cybersecurity professionals, the Russian Market has solidified its position as the leading hub for stolen credentials, fueling a dramatic rise […]
Category: Cyber Security News
State-Sponsored Groups Intensify Attacks on Manufacturing Sector and OT Systems
The manufacturing sector has emerged as a prime target for cyber attackers in 2024, with a staggering 71% surge in active threat actors compared to […]
Android Security Update Addresses High-Severity Privilege Escalation Flaws
The Android Security Bulletin for June 2025, published on June 2, details a series of high-severity vulnerabilities affecting a wide range of Android devices. Security […]
_Kjetil_Kolbj%25C3%25B8rnsrud_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Is Your CISO Navigating Your Flight Path?
If your CISO isn’t wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed. ​The […]
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be […]
Aembit Extends Workload IAM to Microsoft Ecosystem, Securing Hybrid Access for Non-Human Identities
Aembit, the workload identity and access management (IAM) company, today announced a major expansion of its platform to support Microsoft environments. With this launch, enterprises […]
North Face Fashion Brand Alerts Customers to Credential Stuffing Attack
The North Face, a prominent outdoor fashion brand under VF Outdoor, LLC, detected unusual activity on its website, thenorthface.com. Following a swift and thorough investigation, […]
Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads
A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified […]
One hacker, many names: Industry collaboration aims to fix cyber threat label chaos
When the same Russian hacking group goes by Midnight Blizzard, Cozy Bear, APT29, or UNC2452, depending on which security vendor is tracking them, you know […]
CISA Alerts on ConnectWise ScreenConnect Authentication Vulnerability Actively Exploited
A critical improper authentication vulnerability has been discovered in ConnectWise ScreenConnect, tracked as CVE-2025-3935 and mapped to CWE-287 (Improper Authentication). This flaw affects all ScreenConnect […]