Cybersecurity leaders’ top seven takeaways from 2025 – CSO Online
Over the last 12 months, security teams continued to walk a tightrope between moving fast to adopt new technologies and facing escalating threats fuelled mostly by the rise of AI.…
2025
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption – The Hacker News
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to…
Solicitor without PC took money for work he never did – Legal Futures
A solicitor who deceived a convicted client into believing he had a practising certificate, took money to pursue an appeal and then did not do the work has been struck…
Private client specialists have “mixed feelings” about electronic wills – Legal Futures
Most private client specialists have “mixed feelings” about Law Commission plans to permit electronic wills – but would embrace them if they happen. The post Private client specialists have “mixed…
SRA fails with two high-profile SLAPPs prosecutions – Legal Futures
Two high-profile Solicitors Regulation Authority prosecutions for alleged misconduct by libel lawyers failed last week. The post SRA fails with two high-profile SLAPPs prosecutions appeared first on Legal Futures. –…
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of…
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild – The Hacker News
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in…
Microsoft flips security script: ‘In scope by default’ makes all vulnerabilities fair game for bug bounties – CSO Online
Today’s AI-enabled attackers are agnostic: They’re not limiting themselves to specific companies, products, or services — they’re going where the vulnerabilities are. To meet them on this ground, Microsoft is…
Leaked Home Depot credential exposed internal systems for a year – CSO Online
Home Depot exposed access to internal systems for a year, TechCrunch reports. According to security researcher Ben Zimmermann, a Home Depot employee published a private GitHub access token sometime in…
The CISO-COO Partnership: Protecting Operational Excellence – Dark Reading
Digital transformation has made cybersecurity preparation part of operational resilience for most organizations. This calls for a new relationship between CISO and COO. – Read More
React2Shell Exploits Flood the Internet as Attacks Continue – Dark Reading
As exploitation activity against CVE-2025-55182 ramps up, researchers are finding some proof-of-concept exploits contain bypasses for web application firewall (WAF) rules. – Read More
Vibe Coding: Innovation Demands Vigilance – Dark Reading
Unmanaged coding is indeed an alluring idea, but can introduce a host of significant cybersecurity dangers, Constantine warns. – Read More
Microsoft Will Bundle Security Copilot with M365 Enterprise Licenses – Dark Reading
The move aims to expand the use of Security Copilot and comes with the launch of 12 new agents from Microsoft at the company’s Ignite conference last week. – Read…
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads – The Hacker News
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. “These repositories, often themed…
Supply Chain Attacks Targeting GitHub Actions Increased in 2025 – Dark Reading
At this week’s Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open source software and not leave it all up to GitHub to…