Category: SecurityNews
-
10 Major Cyberattacks And Data Breaches In 2025
Among the major cyberattacks and data breaches in 2025 were nation-state infiltration by China and North Korea, as well as massive data theft and ransomware attacks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/10-major-cyberattacks-and-data-breaches-in-2025
-
Cybersecurity Snapshot: Cyber Pros Emerge as Bold AI Adopters, While AI Changes Data Security Game, CSA Reports Say
Tags: advisory, ai, api, attack, awareness, business, cloud, compliance, control, credit-card, crime, crimes, crypto, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, framework, google, governance, guide, healthcare, injection, intelligence, law, LLM, lockbit, malicious, metric, mitigation, monitoring, network, office, openai, ransom, ransomware, risk, risk-management, service, skills, sql, threat, tool, training, update, vulnerabilityFormerly “AI shy” cyber pros have done a 180 and become AI power users, as AI forces data security changes, the CSA says. Plus, PwC predicts orgs will get serious about responsible AI usage in 2026, while the NCSC states that, no, prompt injection isn’t the new SQL injection. And much more! Key takeaways Cyber…
-
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
-
Cybersecurity Snapshot: Cyber Pros Emerge as Bold AI Adopters, While AI Changes Data Security Game, CSA Reports Say
Tags: advisory, ai, api, attack, awareness, business, cloud, compliance, control, credit-card, crime, crimes, crypto, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, framework, google, governance, guide, healthcare, injection, intelligence, law, LLM, lockbit, malicious, metric, mitigation, monitoring, network, office, openai, ransom, ransomware, risk, risk-management, service, skills, sql, threat, tool, training, update, vulnerabilityFormerly “AI shy” cyber pros have done a 180 and become AI power users, as AI forces data security changes, the CSA says. Plus, PwC predicts orgs will get serious about responsible AI usage in 2026, while the NCSC states that, no, prompt injection isn’t the new SQL injection. And much more! Key takeaways Cyber…
-
SentinelOne Hires Google, Cisco And Symantec Vet As New CTO
SentinelOne hires cybersecurity leader Jeff Reed as its new chief technology officer, who has experience working at Cisco, Google Cloud and Symantec. First seen on crn.com Jump to article: www.crn.com/news/cloud/2025/sentinelone-hires-google-cisco-and-symantec-vet-as-new-cto
-
Nigeria arrests suspected RaccoonO365 phishing kit developer on tip from Microsoft, FBI
One of the alleged developers behind the RaccoonO365 subscription-based phishing kit was arrested by Nigerian police this week. First seen on therecord.media Jump to article: therecord.media/nigeria-raccoon-developer-tip
-
Denmark summons Russian ambassador over alleged cyberattacks on water utility, elections
Russia’s ambassador to Copenhagen, Vladimir Barbin, confirmed to Russian state media on Friday that he had been called to the Danish foreign ministry, but rejected the accusations as unfounded. First seen on therecord.media Jump to article: therecord.media/denmark-summons-russian-ambassador-cyberattack-elections
-
Hacks, thefts, and disruption: The worst data breaches of 2025
TechCrunch looks back at the biggest data breaches, disruptive cyberattacks, and damaging hacks of 2025, from the raiding of U.S. government databases to a hack every month in South Korea. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/19/hacks-thefts-and-disruption-the-worst-data-breaches-of-2025/
-
‘Sensitive’ data stolen in Westminster City Council cyber attack
London borough confirms that data breach affecting three neighbouring councils in a shared IT services operation led to personal information being copied by a third party First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636738/Sensitive-data-stolen-in-Westminster-City-Council-cyber-attack
-
Keeper Security Bolsters Federal Leadership to Advance Government Cybersecurity Initiatives
Keeper Security has announced the appointment of two new additions to its federal team, with Shannon Vaughn as Senior Vice President of Federal and Benjamin Parrish, Vice President of Federal Operations. Vaughn will lead Keeper’s federal business strategy and expansion, while Parrish will oversee the delivery and operational readiness of Keeper’s federal initiatives, supporting civilian,…
-
CultureAI Selected for Microsoft’s Agentic Launchpad Initiative to Advance Secure AI Usage
UK-based AI safety and governance company CultureAI has been named as one of the participants in Microsoft’s newly launched Agentic Launchpad, a technology accelerator aimed at supporting startups working on advanced AI systems. The inclusion marks a milestone for CultureAI’s growth and signals broader industry interest in integrating AI safety and usage control into emerging…
-
Microsoft 365 accounts targeted in wave of OAuth phishing attacks
Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-365-accounts-targeted-in-wave-of-oauth-phishing-attacks/
-
Vulnerability Management’s New Mandate: Remediate What’s Real
Live from AWS re:Invent, Snir Ben Shimol makes the case that vulnerability management is at an inflection point: visibility is no longer the differentiator”, remediation is. Organizations have spent two decades getting better at scanning, aggregating and reporting findings. But the uncomfortable truth is that many of today’s incidents still trace back to vulnerabilities that…
-
Amazon Warns Perncious Fake North Korea IT Worker Threat Has Become Widespread
Amazon is warning organizations that a North Korean effort to impersonate IT workers is more extensive than many cybersecurity teams may realize after discovering the cloud service provider was also victimized. A North Korean imposter was uncovered working as a remote systems administrator in the U.S. after their keystroke input lag raised suspicions. Normally, keystroke..…
-
Google Shutting Down Dark Web Report Met with Mixed Reactions
Google is shutting down its dark web report tool, which was released in 2023 to alert users when their information was found available on the darknet. However, while the report sent alerts, Google said users found it didn’t give them next steps to take if their data was detected. First seen on securityboulevard.com Jump to…
-
Google Shutting Down Dark Web Report Met with Mixed Reactions
Google is shutting down its dark web report tool, which was released in 2023 to alert users when their information was found available on the darknet. However, while the report sent alerts, Google said users found it didn’t give them next steps to take if their data was detected. First seen on securityboulevard.com Jump to…
-
Why AppSec Can’t Keep Up With AI-Generated Code
StackHawk co-founder and CSO Scott Gerlach has spent most of his career running security teams, and his take on application security is shaped by a simple reality: developers are still too often the last to know when their code ships with risk. Gerlach explains why that gap has widened in the age of modern CI/CD,..…
-
Why AppSec Can’t Keep Up With AI-Generated Code
StackHawk co-founder and CSO Scott Gerlach has spent most of his career running security teams, and his take on application security is shaped by a simple reality: developers are still too often the last to know when their code ships with risk. Gerlach explains why that gap has widened in the age of modern CI/CD,..…
-
Why AppSec Can’t Keep Up With AI-Generated Code
StackHawk co-founder and CSO Scott Gerlach has spent most of his career running security teams, and his take on application security is shaped by a simple reality: developers are still too often the last to know when their code ships with risk. Gerlach explains why that gap has widened in the age of modern CI/CD,..…
-
FireTail’s 2022 Review on Macro, Industry, and Thoughts About What’s Next FireTail Blog
Tags: ai, api, attack, cloud, cyber, cybercrime, cybersecurity, data, exploit, finance, government, infrastructure, intelligence, Internet, jobs, office, open-source, regulation, russia, startup, strategy, technology, usa, vulnerabilityDec 19, 2025 – Jeremy Snyder – New beginnings, such as new years, provide a nice opportunity to look back at what we have just experienced, as well as look forward to what to expect. 2022 was a year of transition in many ways, and 2023 may well be the same. I wanted to reflect…
-
State-linked and criminal hackers use device code phishing against M365 users
Russia-linked groups have attacked multiple sectors in recent months. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/state-linked-criminal-hackers-device-code-phishing-m365/808396/
-
Sydney Uni data goes walkabout after criminals raid code repo
Tags: dataAttackers helped themselves to historical personal info on 27K people First seen on theregister.com Jump to article: www.theregister.com/2025/12/19/sydney_uni_breach/
-
AI and cybersecurity: Two sides of the same coin
Practical lessons on securing AI and using AI to strengthen defence First seen on theregister.com Jump to article: www.theregister.com/2025/12/19/ai_cybersecurity_two_sides/
-
Waterfox browser goes AI-free, targets the Firefox faithful
Even if Mozilla is going to add an AI kill switch, that may not be enough to reassure many. First seen on theregister.com Jump to article: www.theregister.com/2025/12/18/firefox_no_ai_alternative_waterfox/
-
Keyboard Lag Leads Amazon to North Korean Impostor in Remote Role
Amazon Security Chief explains how a subtle keyboard delay exposed a North Korean impostor. Read about the laptop farm scheme and how 110 milliseconds of lag ended a major corporate infiltration. First seen on hackread.com Jump to article: hackread.com/keyboard-lag-amazon-north-korea-impostor-remote-role/
-
OWASP Drops First AI Agent Risk List
These aren’t simple chatbots anymore”, these AI agents access data and tools and carry out tasks, making them infinitely more capable and dangerous. The post OWASP Drops First AI Agent Risk List appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-owasp-ai-agent-risk-list/
-
OpenAI Launches GPT-5.2-Codex for Secure Coding
OpenAI has launched GPT-5.2-Codex, an agentic coding model that boosts real-world software engineering and AI-powered vulnerability research. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/openai-launches-gpt-5-2-codex-for-secure-coding/
-
LongNosedGoblin Caught Snooping on Asian Governments
New China-aligned APT group is deploying Group Policy to sniff through government networks across Southeast Asia and Japan. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/longnosedgoblin-caught-snooping-on-asian-governments
-
Google Shutting Down Dark Web Report Met with Mixed Reactions
Google is shutting down its dark web report tool, which was released in 2023 to alert users when their information was found available on the darknet. However, while the report sent alerts, Google said users found it didn’t give them next steps to take if their data was detected. First seen on securityboulevard.com Jump to…
-
For $18 an Hour Stanford’s AI Agent Bested Most Human Pen Testers in Study
A Stanford study finds the ARTEMIS AI agent beat most human pen testers in vulnerability discovery”, at a fraction of the cost. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/for-18-an-hour-stanfords-ai-agent-bested-most-human-pen-testers-in-study/