Zero-Day in CentreStack File Sharing Platform Under Attack – Dark Reading
Gladinet’s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy. – Read More
2025
Russian Shuckworm APT is back with updated GammaSteel malware – CSO Online
A cyberespionage group of Russian origin that has targeted entities from Ukraine, or from countries that are helping Ukraine, has recently launched an attack against the military of a Western…
AuthZEN Aims to Harmonize Fractured Authorization Controls – Dark Reading
Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that. – Read More
Oracle admits breach of ‘obsolete servers,’ denies main cloud platform affected – CSO Online
Oracle has continued to downplay a data breach it suffered earlier this year, insisting in an email sent to customers this week that the hack did not involve its core…
Ping Identity Doubles Down on Partner Strategy with New Partner Program and Advisory Board – Dark Reading
Post Content – Read More
Digital Asset Management Platform Liminal Raises $4.7M Funding Led by Elevation Capital – Dark Reading
Post Content – Read More
Trump’s DoJ Targets Krebs, Revokes SentinelOne Security Clearance – Dark Reading
An executive order is targeting former Trump appointees, including former CISA director Chris Krebs and his current coworkers, in the latest in a series of directives against those who dissented…
What Should the US Do About Salt Typhoon? – Dark Reading
Security experts weigh in on the problem Salt Typhoon and its hacking of telecoms poses against the United States, including what the US should do and how defenders can protect…
Open Source Poisoned Patches Infect Local Software – Dark Reading
Malicious packages lurking on open source repositories like npm have become less effective, so cyberattackers are using a new strategy: offering “patches” for locally installed programs. – Read More
China-based SMS Phishing Triad Pivots to Banks – Krebs on Security
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated…
Charting Change In Legal Episode 39 Is Here! – Legal IT Insider
In this 39th episode of Charting Change in Legal, Caroline Hill, editor and publisher of Legal IT Insider, and Ari Kaplan, lead analyst discussed Legalweek 2025, Skills.Law, generative AI use…
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes – The Hacker News
Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at…
Why Data Privacy Isn’t the Same as Data Security – Dark Reading
Failing to distinguish between data privacy and data security leaves businesses vulnerable to regulatory scrutiny and the kinds of breaches that erode consumer trust overnight. – Read More
Hackers target SSRF flaws to steal AWS credentials – CSO Online
In a new campaign, threat actors have been trying to access EC2 Instance Metadata, which consists of sensitive virtual server information like IP address, instance ID, and security credentials by…
Fortinet embeds AI capabilities across Security Fabric platform – CSO Online
Fortinet has expanded support for AI across its core cybersecurity platform to protect enterprise customers from evolving threats and simplify network and security operations. Specifically, Fortinet has expanded the role…