Can a Global, Decentralized System Save CVE Data? – Dark Reading
As vulnerabilities in the Common Vulnerabilities and Exposures ecosystem pile up, one Black Hat Europe presenter hopes for a global, distributed alternative. – Read More
2025
Iran-Nexus Threat Actor UNC1549 Takes Aim at Aerospace – Dark Reading
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia. – Read More
Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar – The Hacker News
The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such offerings and further…
More work for admins as Google patches latest zero-day Chrome vulnerability – CSO Online
For the third time in recent months, Google has found itself scrambling to fix a potentially serious zero-day flaw in the Chrome browser’s V8 JavaScript engine. Addressed on Monday as…
How We Ditched the SaaS Status Quo for Time-Series Telemetry – Dark Reading
Free the logs! Behind the scenes at InfluxData, which turned to its own in-house security monitoring platform, DiSCO, to protect its supply chain after its third-party tool was breached. –…
Malicious Npm Packages Abuse Adspect Cloaking in Crypto Scam – Dark Reading
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade. – Read…
Bug Bounty Programs Rise as Key Strategic Security Solutions – Dark Reading
Bug bounty programs create formal channels for organizations to leverage external security expertise, offering researchers legal protection and financial incentives for ethical vulnerability disclosure. – Read More
Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year – The Hacker News
Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively…
Insight: Could AI transform law firm compliance? – Law Gazette – Features
Sponsored content. Doug Hargrove, SVP at OneAdvanced, examines how AI agents can alleviate the administrative challenges of legal compliance and provide insights into areas for improvement across your teams. –…
Energiesektor im Visier von Hackern – CSO Online
Energieversorger müssen ihre Systeme vor immer raffinierteren Cyberangriffen schützen. vectorfusionart – shutterstock.com Die Energieversorgung ist das Rückgrat moderner Gesellschaften. Stromnetze, Gaspipelines und digitale Steuerungssysteme bilden die Grundlage für Industrie, Transport…
Four of a kind – Law Gazette – Features
The accountancy giants were coming for big-ticket legal work – until they weren’t, reports Katharine Freeland. So what now for the Big Four in law? – Read More
Researchers Detail Tuoni C2’s Role in an Attempted 2025 Real-Estate Cyber Intrusion – The Hacker News
Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as…
Stadtwerke Detmold von Hackerangriff betroffen – CSO Online
Auf der Website der Stadtwerke Detmold befindet sich aktuell ein Banner mit einem Hinweis zu einer IT-Störung. Stadtwerke Detmold – Screenshot Die Stadtwerke Detmold informieren ihre Kunden aktuell über einen…
Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks – The Hacker News
Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense industries in the Middle…
Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild – CSO Online
Security researchers are warning about two critical vulnerabilities in Fortinet’s FortiWeb appliances, now tracked under CVE-2025-64446, being actively exploited in the wild. According to findings published by watchTowr, one flaw…