The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest.…
Initial methods suggest attackers had likely mapped out Ivanti’s asset landscape upfront and acted quickly once the exploit became public. – Read More
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data…
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. “This was an…
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from…
As a leading conveyancing searches supplier, Legal Brokers Ltd has provided hundreds of thousands of property searches to law firms throughout England and Wales. The post Legal Brokers appeared first…
Operational technology security remains as difficult as ever, with even the best practice recommendation falling short. – Read More
HMRC has made its position clear: if you are paid to submit SDLT returns or otherwise interact with HMRC on behalf of clients, you are required to register as a…
Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories. The reason…
A former PwC partner and former COO of SYKE have launched a new AI legal services company on the premise that the next battleground in legal AI is no longer…
It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public…
ServiceNow is notifying customers after discovering and remediating a vulnerability that could have exposed data via an unauthenticated API endpoint on affected instances. The issue emerged publicly after customers began…
Alternative legal services provider (ALSP) Integreon has appointed Krishna Nacha as chief executive officer and member of the board of directors, effective immediately, as the company looks to accelerate its…
For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was…
The future of reliability will not be defined by whether site reliability engineering (SRE) teams use AI agents, but by the conditions under which they choose to trust them. In…