Microsoft promises more bug payouts, with or without a bounty program
Critical vulnerabilities found in third-party applications eligible for award under 'in scope by default' move
Security12 Dec 2025 | 4
Cybersecurity
Uncle Sam sues ex-Accenture manager over Army cloud security claims
Justice Department alleges federal auditors were misled over compliance with FedRAMP and DoD requirements
Off-Prem12 Dec 2025 | 7
Researcher claims Salt Typhoon spies attended Cisco training scheme
Skills gained later fed Beijing's cyber operations, according to SentinelLabs expert
Security11 Dec 2025 | 12
Users report chaos as Legal Aid Agency stumbles back online after cyberattack
Exclusive Workers frustrated with security-first changes to workflows and teething issues
Cyber-crime11 Dec 2025 | 3
Crisis in Icebergen: How NATO crafts stories to sharpen cyber skills
feature 1,500 military digital defenders spent the past week cleaning up a series of cyberattacks on fictional island
Security10 Dec 2025 | 6
UK to Europe: The time to counter Russia's information war machine is now
Foreign secretary set to address senior diplomats later today
Security09 Dec 2025 | 109
BROADER TOPICS
NARROWER TOPICS
Apache warns of 10.0-rated flaw in Tika metadata ingestion tool
Infosec in Brief PLUS: New kind of DDOS from the Americas; Predator still hunting spyware targets; NIST issues IoT advice; And more!
Security08 Dec 2025 | 7
Beijing-linked hackers are hammering max-severity React bug, AWS warns
State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed time
Cyber-crime05 Dec 2025 | 4
TryHackMe races to add women to Christmas cyber challenge roster after backlash
Training outfit scrambles to fix all-male lineup before December kickoff
Security28 Nov 2025 | 31
OpenAI cuts off Mixpanel after analytics leak exposes API users
ChatGPT maker places other vendors under review following breach
AI + ML27 Nov 2025 | 4
London councils probe cyber incident as shared IT systems knocked offline
Three boroughs confirm investigation amid service outages, disrupted phone lines, and limited online access
Cyber-crime26 Nov 2025 | 21
Top five cybersecurity Black Friday deals for businesses 2025
Smart cybersecurity investments during Black Friday 2025. The best enterprise security deals with up to 60 percent off
Partner Content
Championing Cyber Security: the National UK Cyber Team's Journey at the European Cyber Security Challenge
Reflections on Coaching, Collaboration, and the Pursuit of Excellence in Cyber Security
Partner Content
Weaponized file name flaw makes updating glob an urgent job
Infosec In Brief PLUS: CISA issues drone warning; China-linked DNS-hijacking malware; Prison for BTC Samourai; And more
Security23 Nov 2025 | 10
Researchers claim 'largest leak ever' after uncovering WhatsApp enumeration flaw
Two-day exploit opened up 3.5 billion users to myriad potential harms
Research19 Nov 2025 | 67
Tens of thousands more ASUS routers pwned by suspected, evolving China operation
Researchers say attacks are laying the groundwork for stealthy espionage activity
Cyber-crime19 Nov 2025 | 37
FCC looks to torch Biden-era cyber rules sparked by Salt Typhoon mess
Regulator sides with telcos that claimed new cybersecurity duties were too ‘burdensome’
Cyber-crime18 Nov 2025 | 19
Take fight to the enemy, US cyber boss says
When? Sean Cairncross wouldn't say
Security18 Nov 2025 | 9
Overconfidence is the new zero-day as teams stumble through cyber simulations
Readiness metrics have flatlined since 2023, with most sectors slipping backward as teams fumble crisis drills
Security17 Nov 2025 | 7
Logitech leaks data after zero-day attack
INFOSEC IN BRIEF PLUS: CISA still sitting on telecoms security report; DoorDash phished again; Lumma stealer returns; and more
Security16 Nov 2025 | 1
UK's Cyber Security and Resilience Bill makes Parliamentary debut
Various touch-ups added as MPs seek greater resilience to attacks on critical sectors
Security12 Nov 2025 | 15
Aviation watchdog says organized drone attacks will shut UK airports ‘sooner or later’
Skies are open for mischief as hard-to-trace drones and fast-moving cyber raids promise new wave of disruption
Edge + IoT12 Nov 2025 | 30
China hates crypto and scams, but is now outraged USA acquired bitcoin from a scammer
A new theory from the agency that brought us ‘America hacked itself to blame Beijing’
Cyber-crime12 Nov 2025 | 12
Australia’s spy boss says authoritarian nations ready to commit ‘high-impact sabotage’
‘Elite teams’ are pondering cyber-attacks to turn off energy supply or telecoms networks
Security12 Nov 2025 | 35
Critical federal cybersecurity funding set to resume as government shutdown draws to a close - for now
Resolution acquiesced to by 8 Dems includes CISA Act funding, layoff reversals, and could be easily undone
Public Sector10 Nov 2025 | 6
Louvre's pathetic passwords belong in a museum, just not that one
Infosec in brief PLUS: CISA layoffs continue; Lawmakers criticize camera security; China to execute scammers; And more
Security09 Nov 2025 | 24
Bank of England says JLR's cyberattack contributed to UK's unexpectedly slower GDP growth
This kind of material economic impact from online crooks thought to be a UK-first
Cyber-crime07 Nov 2025 | 48
AMD red-faced over random-number bug that kills cryptographic security
Local privileges required to exploit flaw in Ryzen and Epyc CPUs. Some patches available, more on the way
Security05 Nov 2025 | 11
Consumer Financial Protection Bureau's security falls apart amid layoffs
Security program fails to meet federal standards as government cuts drain resources
Security04 Nov 2025 | 3
The race to shore up Europe’s power grids against cyberattacks and sabotage
Feature Ukraine first to demo open source security platform to isolate incidents, stop lateral movement
Security03 Nov 2025 | 23
Attackers targeting unpatched Cisco kit notice malware implant removal, install it again
Infosec in brief PLUS: Cyber-exec admits selling secrets to Russia; LastPass isn't checking to see if you're dead; Nation-state backed Windows malware; and more
Security02 Nov 2025 | 1
Proton trains new service to expose corporate infosec cover-ups
Service will tell on compromised organizations, even if they didn't plan on doing so themselves
Security30 Oct 2025 |
Postcode Lottery's lucky dip turns into data slip as players draw each other's info
Biz says 'technical error' caused short-lived leak affecting small number of users
Security30 Oct 2025 | 22
EY exposes 4TB+ SQL database to open internet for who knows how long
The Big Four biz’s big fat fail exposed a boatload of secrets online
Security29 Oct 2025 | 55
9 in 10 Exchange servers in Germany still running out-of-support software
Cybersecurity agency urges organizations to upgrade or risk total network compromise
Security29 Oct 2025 | 32
Iran's school for cyberspies could've used a few more lessons in preventing breaches
Ravin Academy confirms the intrusion on Telegram, says student data was stolen
Cyber-crime27 Oct 2025 | 7
X says passkey reset isn't about a security issue – it's to finally kill off twitter.com
Social media site dispatches crucial clarification days after curious announcement
Personal Tech27 Oct 2025 | 19
Shaq's new ride gets jaq'ed in haq attaq
Infosec In Brief PLUS: Judge spanks NSO; Mozilla requires data use disclosures; TARmageddon meets Rust; And more!
Security26 Oct 2025 | 12
Restructuring risk operations: building a business-aligned cyber strategy
Why organizations need a new strategy to break down silos and usher in a new era of risk intelligence
Partner Content
Devs are writing VS Code extensions that blab secrets by the bucketload
Vibe coding may have played a role in what took researchers months to fix
Research15 Oct 2025 | 10
CISA cuts more staff and reassigns others as government stays shut down
America's main cybersecurity agency has lost almost 1,000 people this year
Public Sector14 Oct 2025 | 6
British govt agents demand action after UK mega-cyberattacks surge 50%
Warn businesses to act now as high-severity incidents keep climbing
Cyber-crime14 Oct 2025 | 37
Senators try to save cyber threat sharing law, sans government funding
in brief Also, DraftKings gets stuffed, Zimbra collab software exploited again, and Apple bug bounties balloon
Cybersecurity Month13 Oct 2025 | 2
Pro-Russia hacktivist group dies of cringe after falling into researchers' trap
Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory – then it quietly shut up shop
Security10 Oct 2025 | 10
UK techies' union warns members after breach exposes sensitive personal details
Prospect apologizes for cyber gaffe affecting up to 160K members
Cybersecurity Month10 Oct 2025 | 21
It's trivially easy to poison LLMs into spitting out gibberish, says Anthropic
Just 250 malicious training documents can poison a 13B parameter model - that's 0.00016% of a whole dataset
AI + ML09 Oct 2025 | 54
Discord says 70,000 photo IDs compromised in customer service breach
No word on why the outsourced supplier was storing this data in the first place
Cybersecurity Month09 Oct 2025 | 51
Hobble your AI agents to prevent them from hurting you too badly
That's the main takeaway from the Zenity AI Agent Security Summit
Cybersecurity Month09 Oct 2025 | 11
Germany slams brakes on EU's Chat Control device-scanning snoopfest
Berlin's opposition likely kills off Brussels' bid to scan everyone's messages
CSO08 Oct 2025 | 47
Subpoena tracking platform blames outage on AWS social engineering attack
Software maker Kodex said its domain registrar fell for a fraudulent legal order
Cybersecurity Month02 Oct 2025 |
Tile trackers are a stalker's dream, say Georgia Tech researchers
Plaintext transmissions, fixed MAC addresses, rotating 'unique' IDs, and more, make abuse easy
Research30 Sep 2025 | 15
Warnings about Cisco vulns under active exploit are falling on deaf ears
50,000 firewall devices still exposed
Patches30 Sep 2025 | 22
UK may already be at war with Russia, ex-MI5 head suggests
Baroness Manningham-Buller cites Kremlin sabotage, cyberattacks, and assassinations as signs of an undeclared conflict
Security29 Sep 2025 | 113
Jaguar Land Rover gets £1.5B government jump-start after cyber breakdown
Hundreds of thousands of workers in financial despair supported with landmark loan
Cyber-crime29 Sep 2025 | 31
Cyber threat-sharing law set to shut down, along with US government
Act passed in 2015 is due to lapse unless a continuing resolution passes - and that's unlikely
Security26 Sep 2025 | 9
Federal agencies DOGE questions about what cost-cutting team is doing
Oversight efforts have been rebuffed, says Democratic report, 'putting Americans' personal data at risk'
Public Sector26 Sep 2025 | 25
Politicos: 'There is a good strong case for government intervention' on JLR cyberattack
Covid-style financial support? Nothing to confirm yet, say MPs
Cyber-crime24 Sep 2025 | 23
OnePlus leaves researchers on read over Android bug that exposes texts
Updated Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up
Security23 Sep 2025 | 11
SIM city: Feds say 100,000-card farms could have killed cell towers in NYC
Secret Service seizes 300-server network allegedly tied to nation-state hackers
Cyber-crime23 Sep 2025 | 81
EV charging biz zaps customers with data leak scare
Names, emails unplugged in DCS support snafu – but 'billing is safe'
Security23 Sep 2025 | 8
EU’s cyber agency blames ransomware as Euro airport check-in chaos continues
Airport staff revert to manual ops as travellers urged to use self-service check-in where possible
Cyber-crime22 Sep 2025 | 25
Tech troubles create aviation chaos on both sides of the Atlantic
‘Cyber-attack’ on ticketing outfit Collins and cable cuts at Dallas ground hundreds of flights
Cyber-crime22 Sep 2025 | 53
Biting the hand that feeds IT
