October 2025
Identifying risky candidates: Practical steps for security leaders
Effective insider threat defense begins with candidate vetting. Background checks and reference calls can confirm elements of an applicant’s history, but they rarely surface …
Everyone wants AI, but few are ready to defend it
The rush to deploy AI is reshaping how companies think about risk, according to Cisco. A global study finds that while most organizations are moving quickly to adopt AI, many …
Humanoid robot found vulnerable to Bluetooth hack, data leaks to China
Alias Robotics has published an analysis of the Unitree G1 humanoid robot, concluding that the device can be exploited as a tool for espionage and cyber attacks. A robot that …
The password problem we keep pretending to fix
Experts across industries say they are still losing ground against identity-related breaches, even after years of investment in stronger access controls, according to RSA. …
ImmuniWeb expands discovery with ASM and Dark web packages
On top of several new free tools launched during the summer, ImmuniWeb released over 500 updates, improvements, new features, and integrations across all our products in Q3, …
F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security …
Harmonic Security targets AI data risks with Model Context Protocol Gateway
Harmonic Security announced Model Context Protocol (MCP) Gateway, a developer-friendly, locally installed gateway that gives security teams complete visibility and control …
Blumira rolls out SOC Auto-Focus to streamline threat investigation
Blumira launched SOC Auto-Focus, an AI-powered security investigation tool, alongside enhancements to its Managed Service Provider (MSP) partner program. SOC Auto-Focus is …
Microsoft patches three zero-days actively exploited by attackers
On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and …
Aura enhancements simplify opt-outs and strengthen online privacy
Aura new tools to help consumers reclaim control over their personal information online. The new capabilities automate some of the most time-consuming privacy tasks, including …
BigID introduces MCP Server to unlock AI-native access to enterprise data
BigID announced the launch of its Model Context Protocol (MCP) server, designed to unlock AI-native access to enterprise data context across the broadest range of data sources …
BarracudaONE adds AI-powered tools to help MSPs simplify security
Barracuda Networks unveiled enhancements to its AI-powered BarracudaONE platform. New capabilities, including bulk remediation for email threats, PSA integrations for …
Featured news
Resources
Don't miss
- Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
- How neighbors could spy on smart homes
- How the City of Toronto embeds security across governance and operations
- Hottest cybersecurity open-source tools of the month: October 2025
- OpenAI’s gpt-oss-safeguard enables developers to build safer AI