Beyond the hype: How security leaders can build AI agents that matter

AI agents can reclaim hours of lost analyst time if deployed with purpose, strategy and secure design.

By Eoin Hinchy, CEO & Co-Founder, Tines • June 30, 2025

Why IT teams under pressure are looking to access logs for answers

Under pressure, IT teams are tapping access logs for real-time insight—not just compliance.

By Joel Burleson-Davis, Chief Technology Officer, Imprivata • June 30, 2025

Most building management systems exposed to cyber vulnerabilities, experts warn

A study of over 467,000 building management systems across 500 organizations found that 2% of all devices essential to business operations had the highest level of risk exposure. 

By Joe Burns • June 27, 2025

Hackers exploiting critical Citrix Netscaler flaw, researchers say

After confirming exploitation of a separate zero-day flaw, Cloud Software Group promises to be transparent.

By David Jones • June 27, 2025

Microsoft to make Windows more resilient following 2024 IT outage

The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.

By David Jones • Updated June 26, 2025

Critical vulnerability in Citrix Netscaler raises specter of exploitation wave

Threat researchers warn the flaw could open up a flood of attacks that rival the 2023 CitrixBleed crisis. 

By David Jones • Updated June 25, 2025

Researchers urge vigilance as Veeam releases patch to address critical flaw

The patch for a previously disclosed vulnerability in the company’s backup software did not offer adequate protection, according to researchers.

By David Jones • June 18, 2025

Cloud storage buckets leaking secret data despite security improvements

New data from Tenable highlighted significant improvements in the number of businesses with publicly exposed and critically vulnerable buckets storing sensitive data.

By Eric Geller • June 18, 2025

Critical Zyxel vulnerability under active exploitation after long period of quiet

Researchers say a sudden burst of activity could be linked to a Mirai botnet variant.

By David Jones • June 17, 2025

CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws

The latest confirmed cyber intrusion hit a utility billing software provider and its customers.

By Eric Geller • June 13, 2025

Software vulnerabilities pile up at government agencies, research finds

A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.

By David Jones • June 12, 2025

Critical flaw in Microsoft Copilot could have allowed zero-click attack

Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user interaction.

By David Jones • Updated June 11, 2025

From malware to deepfakes, generative AI is transforming attacks

Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner.

By Eric Geller • June 10, 2025

SentinelOne rebuffs China-linked attack — and discovers global intrusions

The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.

By Eric Geller • Updated June 9, 2025

Understanding the evolving malware and ransomware threat landscape

Cyber threats like ransomware and malware are rising fast, hitting firms like Frederick Health and Marks & Spencer. Defense needs layers, adaptability and vigilance.

By Farid Mustafayev, Senior Software Engineer, ThreatLocker • June 9, 2025

Water utilities mitigate equipment flaws after researchers find widespread exposures

Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions.

By David Jones • June 5, 2025

Vast array of solar power equipment left exposed online

The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.

By Eric Geller • June 4, 2025

Build more robust OT security with the NIST framework

Access your guide below and start your journey towards resilient, secure OT operations using the NIST framework.

June 2, 2025

Outage disrupts some SentinelOne services

Company executives said there was no indication the incident was the result of a security issue.

By David Jones • May 29, 2025

Google: China-backed hackers hiding malware in calendar events

The APT41 nation-state threat group is exploiting yet another cloud service to mask its operations, according to new research.

By Eric Geller • May 29, 2025

Thousands of ASUS routers compromised in sophisticated hacking campaign

Researchers have previously linked the suspected threat actor, dubbed ViciousTrap, to the exploitation of Cisco routers.

By David Jones • May 29, 2025

Microsoft, Dutch government discover new Russian hacking group

The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods.

By Eric Geller • Updated May 28, 2025

US, allies recommend security protections for AI models

The joint guidance comes as officials fear how hackers could manipulate AI systems, especially in critical infrastructure.

By Eric Geller • May 22, 2025

Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities

The company said additional CVEs may be necessary for flaws in related open-source libraries, but researchers are raising questions.  

By David Jones • Updated May 20, 2025

GOP lawmakers urge ban of networking vendor TP-Link, citing ties to China

The Trump administration is facing mounting pressure to formulate a strategy for addressing supply-chain threats that endanger national security.

By Eric Geller • May 15, 2025