The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly gaining […]
Hackers Use Gh0st RAT to Hijack Internet Café Systems for Crypto Mining
Hackers have been targeting Internet cafés in South Korea since the second half of 2024, exploiting specialized management software to install malicious tools for cryptocurrency […]
Critical Icinga 2 Vulnerability Allows Attackers to Obtain Valid Certificates
A critical vulnerability (CVE-2025-48057) has been discovered in Icinga 2, the widely used open-source monitoring platform. The flaw, affecting installations built with OpenSSL versions older […]
Tenable to Acquire AI Security Startup Apex
Apex will enhance Tenable’s AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existing security policies. […]
Microsoft Reveals Techniques for Defending Against Evolving AiTM Attacks
Microsoft has exposed the escalating sophistication of phishing attacks, particularly focusing on Adversary-in-the-Middle (AiTM) techniques that are becoming a cornerstone of modern cyber threats. As […]
MICI NetFax Server Flaws Allow Attackers to Execute Remote Code
In a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all versions before 3.0.1.0. These flaws—CVE-2025-48045, […]
New botnet hijacks AI-powered security tool on Asus routers
A newly uncovered botnet is targeting Asus routers — specifically models RT-AC3100 and RT-AC3200 — to hijack and repurpose a built-in, AI-powered security feature. The […]
New Study Uncovers Multiple Vulnerabilities in WeChat and IM Apps
Instant messaging (IM) applications like WeChat have become indispensable for billions, facilitating not only communication but also payments, business, and personal data exchange. However, their […]
From the “Department of No” to a “Culture of Yes”: A Healthcare CISO’s Journey to Enabling Modern Care
Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t mince words: “Healthcare […]
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of […]