News • Insights • Analysis
As of July 25, 2025, all sites and apps that allow pornography will need to have strong age checks in place, to make sure children can’t access that or other harmful content. This represents the most significant change to how Read More …
One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work. KNP – a Northamptonshire transport company – is just one of tens of thousands Read More …
Australia is implementing comprehensive internet age verification and ID check requirements as part of a major overhaul of online safety regulation. By December 27, 2025, major platforms including Google and Microsoft must implement age verification checks on their search engines Read More …
U.S. cybersecurity agency CISA says hackers are actively exploiting a critical-rated security flaw in a widely used Citrix product, and has given other federal government departments just one day to patch their systems. Security researchers have dubbed the bug “Citrix Read More …
Brazil’s central bank said on Wednesday that technology services provider C&M Software, which serves financial institutions lacking connectivity infrastructure, had reported a cyberattack on its systems. The bank did not provide further details of the attack, but said in a Read More …
Cisco has released a security advisory addressing two vulnerabilities, affecting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) . CVE-2025-20281 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability CVE-2025-20281 is an ‘API unauthenticated remote code execution’ Read More …
The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Read More …
Google has confirmed another attack on Gmail users that combines inherent vulnerabilities in the platform with devious social engineering. The net result is a flurry of headlines and viral social media posts followed by an urgent platform update. Google’s security Read More …
In this blog entry, Trend Micro researchers look at overly permissive cloud service credentials in Microsoft’s public-facing assets and assess their potential implications on software supply chain and software integrity. We do this by exploring two scenarios involving PC Manager, Read More …
In the first quarter of 2025, Rapid7’s Managed Threat Hunting team observed a significant volume of brute-force password attempts leveraging FastHTTP, a high-performance HTTP server and client library for Go, to automate unauthorized logins via HTTP requests. This rapid volume Read More …
