Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205
Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The …
Lean security: How small cybersecurity teams perform at Fortune 2000 levels
There’s a widespread misconception that small IT security teams, or “lean sec teams”, cannot protect their organizations as comprehensively as bigger security teams who enjoy …
How to ease password pains while maintaining security
As much as any industry, healthcare must deal with a security landscape that is fraught with challenges and tensions. Health delivery organizations (HDOs) operate under …
Top 10 ways attackers are increasing pressure on their ransomware victims to pay
Sophos researchers have detailed how ransomware attackers are implementing a wide range of ruthless pressure tactics to persuade victims to pay the ransom. Their research is …
Surge in cyber attacks confirms the need for zero trust security
Zscaler announced the release of a report that tracked and analyzed over 20 billion threats blocked over HTTPS, a protocol originally designed for secure communication over …
Organizations can save $1.9 million using workforce passwordless authentication
Secret Double Octopus and Ponemon Institute announced the results of a US-based study focused on understanding the state of workforce passwordless authentication, from …
Ten CIO agenda predictions that will impact IT pros by 2026
According to an IDC report, through 2026, 65% of CIOs will sustain a cycle of tech-based empowerment, agility, and resilience through collaborative governance, new service …
The ultimate SaaS Security Posture Management (SSPM) checklist
Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously …
(IN)SECURE Magazine issue 70 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 70 has been released today. It’s a free …
Nessus 10 is out, with Raspberry Pi support
Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to deploy the …
A ransomware reality check for CISOs
The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of …
Rooting malware discovered on Google Play, Samsung Galaxy Store
Researchers have discovered 19 mobile apps carrying rooting malware on official and third-party Android app stores, including Google Play and Samsung Galaxy Store. …
Featured news
Resources
Don't miss
- Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
- FAPI 2.0: How the OpenID Foundation is enabling scalable interoperability in global healthcare
- pqcscan: Open-source post-quantum cryptography scanner
- Bitdefender PHASR: Proactive hardening demo overview
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)