April 2025

Industry Asks for Clarity on Proposed HIPAA Cybersecurity Rules – Dark Reading

April 8, 2025

Healthcare and IT security practitioners worry some of the proposed amendments are not practical for a sector that lacks resources and often uses legacy equipment. – Read More

Cyber Dark Reading

Aurascape Brings Visibility, Security Controls to Manage AI Applications – Dark Reading

April 8, 2025

New cybersecurity startup Aurascape emerged from stealth today with an AI-native security platform to automate security policies for AI applications. – Read More

Cyber Dark Reading

UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare – Dark Reading

April 8, 2025

Artificial intelligence poses a significant concern when it comes to nation-state cyberthreats and AI’s ability to supercharge attacks. – Read More

Cyber Hacker News

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw – The Hacker News

April 8, 2025

Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a…

Cyber Hacker News

Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal – The Hacker News

April 8, 2025

Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege…

Cyber Dark Reading

2 Android Zero-Day Bugs Under Active Exploit – Dark Reading

April 8, 2025

Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware. – Read More

Cyber Hacker News

Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings – The Hacker News

April 8, 2025

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate…

Cyber NCSC News

BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors – NCSC News

April 8, 2025

The NCSC and partners publish new information and mitigation measures for those at high risk from two spyware variants. – Read More

Cyber NCSC News

BADBAZAAR and MOONSHINE: Technical analysis and mitigations – NCSC News

April 8, 2025

This advisory provides new and collated threat intelligence on two variants of spyware known as BADBAZAAR and MOONSHINE, and includes advice for app store operators, developers and social media companies…

Cyber NCSC News

NCSC and partners share guidance for communities at high risk of digital surveillance – NCSC News

April 8, 2025

Spyware variants MOONSHINE and BADBAZAAR are being used to target mobile devices of individuals around the world. – Read More

Legal Futures Legal News

Commercial Real Estate sector set to miss major decarbonisation target by a decade – Legal Futures

April 8, 2025

Research by commercial real estate data and technology company, Search Acumen, suggests that it will take until at least 2040 for all rented commercial properties to meet the 2030 MEES…

Cyber Dark Reading

Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube – Dark Reading

April 8, 2025

The malware’s creators insist a new open source version of Neptune is for educational use by pen testers, but a raft of sophisticated backdoor and evasion capabilities says otherwise. –…

Cyber Dark Reading

How Democratized Development Creates a Security Nightmare – Dark Reading

April 8, 2025

No-code and low-code platforms offer undeniable benefits. But when security is an afterthought, organizations risk deploying vulnerable applications that expose sensitive data and critical systems. – Read More

Contract Law Contract Nerds

Internal Data Leakage: An Overlooked Contract Risk in Enterprise AI – Contract Nerds

April 8, 2025

Key Takeaways: When rolling out an AI tool across your organization, consider how company data might be exposed across internal teams. Internal data access isn’t just a governance concern—contracts professionals…

Contract Law Contract Nerds

Business Skills in Contract Negotiations: The Ultimate Success Combo – Contract Nerds

April 8, 2025

I’ve said it before, and I’ll say it again—contracts are not legal documents; they are business documents that memorialize business transactions. While many in-house counsel recognize the importance of being…

Industry Asks for Clarity on Proposed HIPAA Cybersecurity Rules – Dark Reading

Aurascape Brings Visibility, Security Controls to Manage AI Applications – Dark Reading

UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare – Dark Reading

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw – The Hacker News

Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal – The Hacker News

2 Android Zero-Day Bugs Under Active Exploit – Dark Reading

Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings – The Hacker News

BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors – NCSC News

BADBAZAAR and MOONSHINE: Technical analysis and mitigations – NCSC News

NCSC and partners share guidance for communities at high risk of digital surveillance – NCSC News

Commercial Real Estate sector set to miss major decarbonisation target by a decade – Legal Futures

Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube – Dark Reading

How Democratized Development Creates a Security Nightmare – Dark Reading

Internal Data Leakage: An Overlooked Contract Risk in Enterprise AI – Contract Nerds

Business Skills in Contract Negotiations: The Ultimate Success Combo – Contract Nerds

You Missed

High Court overturns Zahawi solicitor misconduct finding – Legal Futures

Flaws in Chainlit AI dev framework expose servers to compromise – CSO Online

Ex-cabinet minister named Bar’s first Commissioner for Conduct – Legal Futures

In-house lawyers most concerned about AI-related disputes – Legal Futures