News • Insights • Analysis
Apple has released important security updates to address a critical vulnerability in FontParser—the part of MacOS/iOS/iPadOS that processes fonts. Identified as CVE-2025-43400, the flaw was discovered internally by Apple and allows an attacker to craft a malicious font that can Read More …
HSBC has warned business banking customers that personal identification documents submitted during account applications may have been compromised following unauthorised access to a third-party platform. In an email sent to customers earlier this month, the bank confirmed that identity documents, Read More …
Phantom Taurus is a previously undocumented nation-state actor whose espionage operations align with People’s Republic of China (PRC) state interests. Over the past two and a half years, Unit 42 researchers have observed Phantom Taurus targeting government and telecommunications organizations Read More …
The Rapid7 September 2025 Threat Report highlights active exploitation of a critical Microsoft SharePoint vulnerability, CVE-2025-53770. This zero-day is being used by threat actors to gain initial access to victim networks, with exploitation observed in government as well as multiple Read More …
Broadcom has released security updates to address vulnerabilities in VMware Aria Operations, Tools, and Cloud Foundation components of VMware products. The updates address 2 high severity and 1 medium severity vulnerabilities. CVE-2025-41244 – “Privilege defined with unsafe actions” vulnerability – Read More …
YouTube agreed to pay $24.5 million to settle a lawsuit filed by President Donald Trump after he was suspended by social media platforms following the January 6, 2021, insurrection. This makes Alphabet-owned YouTube the last of the three Big Tech Read More …
OT systems are a prime target due to their criticality and the potential impact if these systems are disrupted. As the number and capability of threat actor targeting OT increases, so too does the need for robust cyber security controls. Read More …
A “widespread cybersecurity incident” at the Federal Emergency Management Agency allowed hackers to make off with employee data from both the disaster management office and U.S. Customs and Border Protection, according to a screenshot of an incident overview presentation obtained Read More …
The Government has agreed to support Jaguar Land Rover (JLR) with a loan guarantee expected to unlock £1.5billion to support its supply chain. JLR suspended production at its UK factories following the cyber attack on 31 August, including the one Read More …
Harrods has warned some of its customers that their personal data may have been taken in an IT systems breach, months after it was targeted by a suspected cyber attack in May. The luxury department store said customer names and Read More …