2025

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download – The Hacker News

April 18, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation…

CSO Online Cyber

Will politicization of security clearances make US cybersecurity firms radioactive? – CSO Online

April 18, 2025

With the US government now tying security clearances to the support of specific political positions, many in the security community fear it may tar US vendors with the same brush…

Cyber Dark Reading

Dogged by Trump, Chris Krebs Resigns from SentinelOne – Dark Reading

April 17, 2025

The president revoked the former CISA director’s security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation. – Read More

Cyber Dark Reading

PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks – Dark Reading

April 17, 2025

The AI security startup has already made waves with critical vulnerability discoveries and seeks to address emerging AI concerns with its PromptArmor platform. – Read More

Cyber Dark Reading

CVE Program Cuts Send the Cyber Sector Into Panic Mode – Dark Reading

April 17, 2025

After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it…

Cyber Hacker News

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates – The Hacker News

April 17, 2025

The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the…

Law Gazette Legal News

Data page – April 2025 – Law Gazette – Features

April 17, 2025

The latest data page figures, compiled by Moneyfacts, are now available. – Read More

Cyber Dark Reading

Cybersecurity by Design: When Humans Meet Technology – Dark Reading

April 17, 2025

If security tools are challenging to use, people will look for workarounds to get around the restrictions. – Read More

Cyber NCSC Blogs

How the NCSC thinks about security architecture – NCSC Blog

April 17, 2025

Richard C explains how an understanding of vulnerabilities – and their exploitation – informs how the NCSC assesses the security of computer systems. – Read More

CSO Online Cyber

CVE-Finanzierung weiterhin gesichert – CSO Online

April 17, 2025

Experten warnten, dass ohne CVE ein Koordinationschaos in der IT-Sicherheit droht. Die CISA scheint sie erhört zu haben. Jerome460 / Shutterstock Am 16. April 2025 hatte die Trump-Regierung kurzfristig ein…

CSO Online Cyber

Hackers target Apple users in an ‘extremely sophisticated attack’ – CSO Online

April 17, 2025

Apple is urging immediate patching of two zero-day vulnerabilities in its CoreAudio and RPAC components, citing their use in what the iPhone maker describes as “extremely sophisticated attacks.” Tracked as…

Cyber Hacker News

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns – The Hacker News

April 17, 2025

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late…

Cyber Hacker News

Artificial Intelligence – What’s all the fuss? – The Hacker News

April 17, 2025

Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as…

Cyber Hacker News

Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords – The Hacker News

April 17, 2025

Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools,…

Law Gazette Legal News

New government Cyber Governance Code of Practice – Law Gazette – Features

April 17, 2025

Code of Practice highlights that cyber risk should have the same prominence as financial or legal risks, and the responsibility and ownership of cyber resilience is a board level matter.…

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download – The Hacker News

Will politicization of security clearances make US cybersecurity firms radioactive? – CSO Online

Dogged by Trump, Chris Krebs Resigns from SentinelOne – Dark Reading

PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks – Dark Reading

CVE Program Cuts Send the Cyber Sector Into Panic Mode – Dark Reading

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates – The Hacker News

Data page – April 2025 – Law Gazette – Features

Cybersecurity by Design: When Humans Meet Technology – Dark Reading

How the NCSC thinks about security architecture – NCSC Blog

CVE-Finanzierung weiterhin gesichert – CSO Online

Hackers target Apple users in an ‘extremely sophisticated attack’ – CSO Online

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns – The Hacker News

Artificial Intelligence – What’s all the fuss? – The Hacker News

Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords – The Hacker News

New government Cyber Governance Code of Practice – Law Gazette – Features

You Missed

Ransomware-Attacke auf Verkehrsgesellschaft Main-Tauber – CSO Online

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls – The Hacker News

Latest BigHand research reveals financial fragility and profit risk among major law firms – Legal Futures

Webinar: Trends, pain points and modern solutions to optimise your CMS – Legal IT Insider