
Report: Fortune 500 employee-linked account exposure
A backbone of our economy, Fortune 500 companies employ more than 31 million people worldwide. According to data analyzed by the Enzoic research team, over the past three …

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

How AI, corruption and digital tools fuel Europe’s criminal underworld
Europol has released its 2025 report on serious and organized crime in the EU. The EU Serious and Organised Crime Threat Assessment (EU-SOCTA) is based on intelligence from EU …

Enterprises walk a tightrope between AI innovation and security
AI/ML tool usage surged globally in 2024, with enterprises integrating AI into operations and employees embedding it in daily workflows, according to Zscaler. The report …

Finders Keypers: Open-source AWS KMS key usage finder
Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases …

Cloud providers aren’t delivering on security promises
Security concerns around cloud environments has prompted 44% of CISOs to change cloud service provider, according to Arctic Wolf. This is being driven by the fact that 24% …

Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! …

53% of security teams lack continuous and up-to-date visibility
Enterprises lack visibility into their own data, creating security risks that are compounding as organizations and their employees increase AI adoption, according to Bedrock …

Malicious ads target Semrush users to steal Google account credentials
Cyber crooks are exploiting users’ interest in Semrush, a popular SEO, advertising, and market research SaaS platform, to steal their Google account credentials. The …

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)
A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and …

The hidden risk in SaaS: Why companies need a digital identity exit strategy
In the face of sudden trade restrictions, sanctions, or policy shifts, relying on SaaS providers outside your region for identity services is a gamble that companies can no …

AI will make ransomware even more dangerous
Ransomware is the top predicted threat for 2025, which is especially concerning given 38% of security professionals say ransomware will become even more dangerous when powered …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged