Vulnerability
-
Sponsored by Tines
Beyond the hype: How security leaders can build AI agents that matter
AI agents can reclaim hours of lost analyst time if deployed with purpose, strategy and secure design.
By Eoin Hinchy, CEO & Co-Founder, Tines • June 30, 2025 -
stock.adobe.com/Malambo C/peopleimages.com
Sponsored by ImprivataWhy IT teams under pressure are looking to access logs for answers
Under pressure, IT teams are tapping access logs for real-time insight—not just compliance.
By Joel Burleson-Davis, Chief Technology Officer, Imprivata • June 30, 2025 -
Most building management systems exposed to cyber vulnerabilities, experts warn
A study of over 467,000 building management systems across 500 organizations found that 2% of all devices essential to business operations had the highest level of risk exposure.
By Joe Burns • June 27, 2025 -
Citrix via Flickr
Hackers exploiting critical Citrix Netscaler flaw, researchers say
After confirming exploitation of a separate zero-day flaw, Cloud Software Group promises to be transparent.
By David Jones • June 27, 2025 -
Microsoft to make Windows more resilient following 2024 IT outage
The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.
By David Jones • Updated June 26, 2025 -
Critical vulnerability in Citrix Netscaler raises specter of exploitation wave
Threat researchers warn the flaw could open up a flood of attacks that rival the 2023 CitrixBleed crisis.
By David Jones • Updated June 25, 2025 -
Researchers urge vigilance as Veeam releases patch to address critical flaw
The patch for a previously disclosed vulnerability in the company’s backup software did not offer adequate protection, according to researchers.
By David Jones • June 18, 2025 -
Cloud storage buckets leaking secret data despite security improvements
New data from Tenable highlighted significant improvements in the number of businesses with publicly exposed and critically vulnerable buckets storing sensitive data.
By Eric Geller • June 18, 2025 -
Critical Zyxel vulnerability under active exploitation after long period of quiet
Researchers say a sudden burst of activity could be linked to a Mirai botnet variant.
By David Jones • June 17, 2025 -
CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws
The latest confirmed cyber intrusion hit a utility billing software provider and its customers.
By Eric Geller • June 13, 2025 -
Software vulnerabilities pile up at government agencies, research finds
A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.
By David Jones • June 12, 2025 -
Critical flaw in Microsoft Copilot could have allowed zero-click attack
Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user interaction.
By David Jones • Updated June 11, 2025 -
From malware to deepfakes, generative AI is transforming attacks
Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner.
By Eric Geller • June 10, 2025 -
SentinelOne rebuffs China-linked attack — and discovers global intrusions
The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.
By Eric Geller • Updated June 9, 2025 -
Sponsored by ThreatLocker
Understanding the evolving malware and ransomware threat landscape
Cyber threats like ransomware and malware are rising fast, hitting firms like Frederick Health and Marks & Spencer. Defense needs layers, adaptability and vigilance.
By Farid Mustafayev, Senior Software Engineer, ThreatLocker • June 9, 2025 -
(2025). "EPA Administrator Lee Zeldin Launches the Greatest Day of Deregulation in American History" [Video]. Retrieved from U.S. Environmental Protection Agency.
Water utilities mitigate equipment flaws after researchers find widespread exposures
Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions.
By David Jones • June 5, 2025 -
Vast array of solar power equipment left exposed online
The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.
By Eric Geller • June 4, 2025 -
Sponsored by Rockwell Automation
Build more robust OT security with the NIST framework
Access your guide below and start your journey towards resilient, secure OT operations using the NIST framework.
June 2, 2025 -
Outage disrupts some SentinelOne services
Company executives said there was no indication the incident was the result of a security issue.
By David Jones • May 29, 2025 -
Google: China-backed hackers hiding malware in calendar events
The APT41 nation-state threat group is exploiting yet another cloud service to mask its operations, according to new research.
By Eric Geller • May 29, 2025 -
Thousands of ASUS routers compromised in sophisticated hacking campaign
Researchers have previously linked the suspected threat actor, dubbed ViciousTrap, to the exploitation of Cisco routers.
By David Jones • May 29, 2025 -
Microsoft, Dutch government discover new Russian hacking group
The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods.
By Eric Geller • Updated May 28, 2025 -
US, allies recommend security protections for AI models
The joint guidance comes as officials fear how hackers could manipulate AI systems, especially in critical infrastructure.
By Eric Geller • May 22, 2025 -
Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities
The company said additional CVEs may be necessary for flaws in related open-source libraries, but researchers are raising questions.
By David Jones • Updated May 20, 2025 -
GOP lawmakers urge ban of networking vendor TP-Link, citing ties to China
The Trump administration is facing mounting pressure to formulate a strategy for addressing supply-chain threats that endanger national security.
By Eric Geller • May 15, 2025