A sophisticated nation-state actor maintained access to Ribbon Communications’ network for almost a year before detection. The breach affects critical infrastructure providers and government clients, raising alarms about telecom security.
Inexpensive IoT devices are creating unprecedented security risks for organizations. The FBI warns these devices are being exploited at scale, requiring new procurement and monitoring strategies.
Chinese state-linked hackers exploited a Windows shortcut vulnerability that Microsoft hasn’t patched since March disclosure. The sophisticated campaign targeted European diplomats using expired certificates and social engineering to deploy PlugX malware.
A sophisticated campaign called PhantomRaven has exploited a fundamental weakness in NPM’s dependency system to deploy credential-stealing packages. The attack leverages Remote Dynamic Dependencies that bypass traditional security scanning, creating a major supply chain threat.
Microsoft’s postponed Azure security change could break unprepared applications. The shift from default public outbound access to private subnets represents a fundamental rethinking of cloud security architecture with far-reaching implications.
A new breed of malware doesn’t hack your system—it convinces you to infect yourself. ClickFix attacks have exploded by 500% in 2025, and traditional security measures can’t stop them. Here’s why this human-centric threat represents a fundamental shift in cybersecurity.
Starling Bank is betting big on AI to combat fraud following a £29m regulatory penalty. The neobank’s new “Scam Intelligence” tool represents both technological innovation and a necessary response to compliance failures that exposed deeper industry challenges.
Germany faces a cybersecurity emergency as 92% of Exchange servers run unsupported software. The BSI warns of potential total network compromises affecting hospitals, schools, and government agencies.
Three brothers allegedly orchestrated a corporate espionage scheme dubbed the “Sterri Takeover” that’s rocking the 401(k) administration industry. The lawsuit reveals leaked texts and executive involvement that could derail a major acquisition.
Microsoft has released an emergency out-of-band security update addressing a critical WSUS vulnerability already being exploited in the wild. The flaw allows unauthenticated attackers to execute arbitrary code on affected Windows Server systems, posing severe network security risks.
