AI/ML‘Vibe coding’ using LLMs susceptible to most common security flawsLaura FrenchApril 24, 2025OpenAI’s models were most likely to produce vulnerable code in tests by Backslash Security.
Vulnerability ManagementCommvault Command Center bug rated 10.0 patchedSteve ZurierApril 24, 2025CVE-2025-34028 could lead to a complete compromise of the Command Center.
Network SecurityHackers exploiting vulnerabilities at higher rates, reports VerizonShaun NicholsApril 23, 2025Stolen credentials still make up most common threat vector in annual cybersecurity report.
Critical Infrastructure SecurityCritical bugs in Siemens, Schneider Electric gear top CISA advisorySteve ZurierApril 23, 2025CISA cites 16 CVEs impacting industrial systems in ICS advisory, four critical.
RansomwareFinancial malware on the rise as espionage attacks declineShaun NicholsApril 23, 2025Threat actors are getting more work from the private sector than from government sponsored agencies.
Cloud SecurityGoogle fixes Cloud Composer privilege escalation vulnerabilityLaura FrenchApril 22, 2025Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.
Security Strategy, Plan, BudgetTwo senior officials resign from federal cybersecurity office, CISASteve ZurierApril 22, 2025Continued brain drain includes two of the experts who managed CISA’s Secure by Design program.
IdentityMicrosoft reports improvement in Secure By Design for products, servicesShaun NicholsApril 21, 2025Microsoft said it's making strides in guarding its own systems against external threat actors.
RansomwareFog ransomware notes troll with DOGE references, bait insider attacksLaura FrenchApril 21, 2025Recent Fog samples are spread through phishing emails referencing pay adjustments.
RansomwareBulletproof hosting provider Proton66 steps-up malware campaignsSteve ZurierApril 21, 2025Researchers advise security teams to block sources of bulletproof hosting.
