Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)
If your organization is using Commvault Command Center for your data protection, backup creation, configuration and restoration needs, you should check whether your on-premise …
Skyhawk Security brings preemptive cloud app defense to RSAC 2025
Skyhawk Security is adding new protection for custom-built cloud applications. The company announced the update to its AI-powered Autonomous Purple Team for RSAC 2025 …
Understanding 2024 cyber attack trends
Mandiant has released the M-Trends 2025 report, which outlines global cyber attack trends based on their own incident response engagements from 2024. Key trends and insights …
Exposed and unaware: The state of enterprise security in 2025
The Edgescan 2025 Vulnerability Statistics Report offers a data-rich snapshot of the global cybersecurity landscape, drawing from thousands of assessments and penetration …
Coaching AI agents: Why your next security hire might be an algorithm
Security teams are drowning in alerts. The sheer volume of threats, suspicious activity, and false positives makes it nearly impossible for analysts to investigate everything …
A new era of cyber threats is approaching for the energy sector
Cyber threats targeting the energy sector come in many forms, including state-sponsored actors seeking to disrupt national infrastructure, cybercriminals motivated by profit, …
Review: Artificial Intelligence for Cybersecurity
Artificial Intelligence for Cybersecurity is a practical guide to how AI and machine learning are changing the way we defend digital systems. The book aims to explain how AI …
One in three security teams trust AI to act autonomously
While AI adoption is widespread, its impact on productivity, trust, and team structure varies sharply by role and region, according to Exabeam. The findings confirm a critical …
Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and …
2025 Data Breach Investigations Report: Third-party breaches double
The exploitation of vulnerabilities has seen another year of growth as an initial access vector for breaches, reaching 20%, according to Verizon’s 2025 Data Breach …
Attackers phish OAuth codes, take over Microsoft 365 accounts
Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics …
When confusion becomes a weapon: How cybercriminals exploit economic turmoil
It begins with a simple notification: “Markets in Free Fall.” Within moments, the headlines multiply: new tariffs, emergency actions, plummeting consumer confidence. Across …
Featured news
Resources
Don't miss
- How FinTechs are turning GRC into a strategic enabler
- Secretless Broker: Open-source tool connects apps securely without passwords or keys
- Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC
- Microsoft introduces protection against email bombing
- Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)