Putin on the code: DoD reportedly relies on utility written by Russia-based Yandex dev | [Updated] Fast-glob is widely used in government, security lab says | Security | 27 Aug 2025
Nx NPM packages poisoned in AI-assisted supply chain attack | Stolen dev credentials posted to GitHub as attackers abuse CLI tools for recon | Devops | 27 Aug 2025
Who are you again? Infosec experiencing 'Identity crisis' amid rising login attacks | Vendor insists passkeys are the future, but getting workers on board is proving difficult | Research | 27 Aug 2025
DOGE accused of duplicating critical Social Security database on unsecured cloud | Remember that cost-cutting group once led by Elon Musk? Federal employees are still dealing with it | Security | 26 Aug 2025
Silver State goes dark as cyberattack knocks Nevada websites offline | Phone lines also down as officials rely on social media to issue updates | Systems | 26 Aug 2025
Criminal background checker APCS faces data breach | [Exclusive] The attack first affected an upstream provider of bespoke software | Cyber-crime | 22 Aug 2025
Congressman proposes bringing back letters of marque for cyber privateers | Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas | Security | 21 Aug 2025
Commvault releases patches for two nasty bug chains after exploits proven | [Updated] Researchers disclosing their findings said 'it's as bad as it sounds' | Patches | 20 Aug 2025
'Limited' data leak at Aussie telco turns out to be 280K customer details | iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed | Networks | 20 Aug 2025
Casino tech outfit Bragg cops to intrusion but says data jackpot untouched | Toronto company says weekend cyber raid hit internal IT, not punters' wallets | Cyber-crime | 19 Aug 2025
P2P payment service Zelle sued for enabling payment fraud hell | [Infosec In Brief] PLUS: Kryptos solution up for auction; Canadian parliament springs a leak; Fake crypto lawyers; And more | Security | 17 Aug 2025
Telco giant Colt suffers attack, takes systems offline | [Updated] London-based multinational takes customer portal and Voice API platform offline as 'protective measure' following breach | Cyber-crime | 15 Aug 2025
Lock down your critical infrastructure, CISA begs admins | The agency offered some tips for operational technology environments, where attacks are rising | Security | 14 Aug 2025
Stock in the Channel pulls website amid cyberattack | [Updated] Intruders accessed important systems but tells customers their data is safe | Cyber-crime | 14 Aug 2025
Major outage at Pennsylvania Attorney General's Office blamed on 'cyber incident' | Website, emails, and phones are down for a second day | Security | 12 Aug 2025
Hyundai: Want cyber-secure car locks? That'll be £49, please | Automaker's answer to spate of car thefts is to charge customers for extra | Security | 12 Aug 2025
UK's Ministry of Defence pins hopes on AI to stop the next massive email blunder | Australia's Castlepoint Systems recruited to avoid repeat of Afghan breach scandal | Public Sector | 06 Aug 2025
Three US agencies get failing grades for not following IT best practices | [Updated] CIOs at the EPA, DHS, and GSA are called out for failure to implement critical cybersecurity recommendations | Public Sector | 05 Aug 2025
Chained bugs in Nvidia's Triton Inference Server lead to full system compromise | Wiz Research details flaws in Python backend that expose AI models and enable remote code execution | Patches | 05 Aug 2025
Forget the Space Force! Trump needs to create a Cyber Force, says think tank | One new military branch per term would have to be some sort of record | Public Sector | 04 Aug 2025
CISA roasts unnamed critical national infrastructure body for shoddy security hygiene | Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org | Security | 02 Aug 2025
Gene scanner pays $9.8 million to get feds off its back in security flap | Illumina allegedly lied about its testing devices meeting government standards | Security | 31 Jul 2025
NHS disability equipment provider on brink of collapse a year after cyberattack | Government officials say they are monitoring the situation | Cyber-crime | 31 Jul 2025
Banning VPNs to protect kids? Good luck with that | [Analysis] UK's Online Safety Act kicks off about as well as everyone expected | Networks | 31 Jul 2025
Lethal Cambodia-Thailand border clash linked to cyber-scam slave camps | [Analysis] Infosec issues spill into the real world and regional politics | Security | 31 Jul 2025
Ransomware gang sets deadline to leak 3.5 TB of Ingram Micro data | Distie insists global operations restored despite some websites only now coming back online | Cyber-crime | 30 Jul 2025
War Games: MoD asks soldiers with 1337 skillz to compete in esports | Troopers to swap radios for Turtle Beaches in preparation for ‘21st century challenges’ | Cyber-crime | 29 Jul 2025
Majority of 1.4M customers caught in Allianz Life data heist | No word on who's behind it, but attack has hallmarks of the usual suspects | Cyber-crime | 28 Jul 2025
Microsoft patches critical SharePoint 2016 zero-days amid active exploits | Admins urged to rotate machine keys, restart IIS after emergency fix | Patches | 22 Jul 2025
Security shop Adarma ceases trading, confirms it will enter administration | Former staffers of struggling UK biz say they don’t expect to be paid for July | Security | 16 Jul 2025
IT consultancy settles US battle over alleged $14.75M government contract fraud | Outfit was accused of charging for specialist IT labor performed by uncertified folks | Public Sector | 15 Jul 2025
A software-defined radio can derail a US train by slamming the brakes on remotely | [Updated] Neil Smith has been trying to get the railroad industry to listen since 2012, but it took a CISA warning to get there | Security | 14 Jul 2025
Russia, hotbed of cybercrime, says nyet to ethical hacking bill | Politicians uneasy over potential impact on national security, local reports say | Security | 10 Jul 2025
AMD warns of new Meltdown, Spectre-like bugs affecting CPUs | Low-severity bugs but infosec pros claim they are a 'critical' overall threat – patch accordingly | Security | 09 Jul 2025
Suspected Chinese cybersnoop grounded in Italy after US tipoff | Zewei Xu's family reportedly bemused at arrest as extradition tabled | Security | 08 Jul 2025
23andMe's new owner says your DNA is safe this time | Nonprofit TTAM assures everything is BAU. Whether that makes customers feel better is another matter | Cyber-crime | 02 Jul 2025
Scattered Spider crime spree takes flight as focus turns to aviation sector | Time ticking for defenders as social engineering pros weave wider web | Cyber-crime | 30 Jun 2025
It's 2025 and almost half of you are still paying ransomware operators | [Infosec in Brief] PLUS: Crooks target hardware crypto wallets; Bad flaws in Brother printers; O365 allows takeover-free phishing; and more | Security | 30 Jun 2025
Supply chain attacks surge with orgs 'flying blind' about dependencies | Who is the third party that does the thing in our thing? Yep. Attacks explode over past year | CSO | 25 Jun 2025
UK govt dept website that campaigns against encryption hijacked to advertise ... payday loans | Company at center of findings blamed SEO on outsourcer | Security | 25 Jun 2025
Experts count staggering costs incurred by UK retail amid cyberattack hell | Cyber Monitoring Centre issues first severity assessment since February launch | Cyber-crime | 23 Jun 2025
Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China | [Infosec in brief] PLUS: 5.4M healthcare records leak; AI makes Spam harder to spot; Many nasty Linux vulns; and more | Security | 23 Jun 2025
UK gov asks university boffins to pinpoint cyber growth areas where it should splash cash | Good to see government that values its academics (cough cough). Plus: New board criticized for lacking 'ops' people | Public Sector | 19 Jun 2025
Iran’s internet goes offline for hours amid claims of ‘enemy abuse’ | Bank and crypto outfits hit after Israeli commander mentioned attacks expanding to ‘other areas’ | Public Sector | 19 Jun 2025
Veeam patches third critical RCE bug in Backup & Replication in space of a year | Version 13 can’t come soon enough | Patches | 18 Jun 2025
Sitecore CMS flaw let attackers brute-force 'b' for backdoor | Hardcoded passwords and path traversals keeping bug hunters in work | Patches | 17 Jun 2025
23andMe hit with £2.3M fine after exposing genetic data of millions | Penalty follows year-long probe into flaws that allowed attack to affect so many | CSO | 17 Jun 2025
Canada's WestJet says 'expect interruptions' online as it navigates cybersecurity turbulence | [Updated] Flights still flying - just don't count on the app or website working smoothly | Security | 16 Jun 2025
Dems demand audit of CVE program as Federal funding remains uncertain | [Infosec In Brief] PLUS: Discord invite links may not be safe; Miscreants find new way to hide malicious JavaScript; and more! | Security | 15 Jun 2025
Wanted: Junior cybersecurity staff with 10 years' experience and a PhD | Infosec employers demanding too much from early-career recruits, says ISC2 | CSO | 13 Jun 2025
US auditors beg Pentagon to pay attention to latest report about IT system flaws | The DoD has ignored many past recommendations | Public Sector | 12 Jun 2025
'Major compromise' at NHS temping arm exposed gaping security holes | [Exclusive] Incident responders suggested sweeping improvements following Active Directory database heist | Cyber-crime | 12 Jun 2025
Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks | The 16 other flagged issues are on customers, says CRM giant | Research | 11 Jun 2025
Critical Wazuh bug exploited in growing Mirai botnet infection | The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too | Research | 10 Jun 2025
M&S online ordering system operational 46 days after cyber shutdown | A milestone in cyberattack recovery – but deliveries will take a while and normal service not yet back | Cyber-crime | 10 Jun 2025
Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser | Majority of exposures located in the US, including datacenters, healthcare facilities, factories, and more | Research | 10 Jun 2025
US infrastructure could crumble under cyberattack, ex-NSA advisor warns | [Infosec in Brief] PLUS: Doxxers jailed; Botnets bounce back; CISA questioned over app-vetting program closure; And more | Security | 08 Jun 2025
UK CyberEM Command to spearhead new era of armed conflict | Government details latest initiative following announcement last week | Security | 04 Jun 2025
Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data | [Infosec In Brief] PLUS: Ransomware gang using tech support scam; Czechia accuses China of infrastructure attack; And more! | Security | 02 Jun 2025
Billions of cookies up for grabs as experts warn over session security | Law enforcement crackdowns are gathering pace but online marketplaces still teeming with valuable tokens | Security | 29 May 2025
CISA says SaaS providers in firing line after Commvault zero-day Azure attack | Cyberbaddies are coming for your M365 creds, US infosec agency warns | Security | 23 May 2025
Judge allows Delta's lawsuit against CrowdStrike to proceed with millions in damages on the line | CS remains hopeful damages will be limited to seven figures | Security | 21 May 2025