Governance, Risk and ComplianceHealth Net pays $11.2M to settle claims over false cybersecurity certsShaun NicholsFebruary 21, 2025Health Net allegedly falsified certifications for TRICARE, the health benefits program for military personnel.
Application securityMongoose ODM critical RCE flaws detailed, PoC exploits revealedLaura FrenchFebruary 21, 2025Misuse of the vulnerable $where operator can allow arbitrary code to be executed on a Node.js application server.
IdentitySalt Typhoon exploited 2018 Cisco bug to infiltrate US telecomsSteve ZurierFebruary 21, 2025China-based threat group took advantage of stolen user credentials.
Career Management1 in 4 cybersecurity pros would not recommend their employerShaun NicholsFebruary 20, 2025Nearly two-thirds of respondents actively looking for new job; workers on West Coast best paid.
PhishingRevamped darcula phishing kit impersonates sites with just a linkLaura FrenchFebruary 20, 2025The phishing-as-a-service suite makes it easy for those without technical ability to make custom scam pages.
RansomwareGhost ransomware actors compromised victims in more than 70 countriesSteve ZurierFebruary 20, 2025China-based group took advantage of organizations that did not update software or firmware.
Data SecurityMicrosoft claims quantum breakthrough with Majorana 1 computer chipShaun NicholsFebruary 19, 2025Microsoft researchers introduced Majorana 1, a self-contained quantum processing unit (QPU) capable of containing up to 1 million qubits.
Network SecuritySonicWall, Palo Alto Networks flaws under attack, added to CISA listLaura FrenchFebruary 19, 2025The critical SonicOS SSLVPN flaw and high-severity PAN-OS flaw both risk authentication bypass.
Business continuityVenture capital firm Insight Partners confirms cyberattackSteve ZurierFebruary 19, 2025Insight Partners' portfolio includes cybersecurity firms Abnormal Security, Checkmarx and Wiz.
Vulnerability ManagementResearchers detail unauthenticated bypass via Apple USB vulnerabilityShaun NicholsFebruary 18, 2025Security consultancy Quarkslab said that the flaw could allow threat actors to bypass USB lockouts.