Network SecurityASUS router backdoors affect 9K devices, persist after firmware updatesLaura FrenchMay 28, 2025Authentication bypass and command injection flaws facilitate the malicious activity.
IdentityEnterprise security risk increases as transition to IAM platforms lagKaren "Pepper" HoffmanMay 28, 2025Fewer than 4% of enterprise security teams have fully automated their core identity workflows, according to Cerby.
IdentityCisco launches new identity access management products, servicesKaren "Pepper" HoffmanMay 28, 2025Duo Identity and Access Management (IAM) claims to work in conjunction with existing capabilities.
Cloud SecurityFile Picker grants access to a user’s entire Microsoft OneDriveSteve ZurierMay 28, 2025Researchers say “excessive permissions” grants access to a user’s entire OneDrive.
IdentityRussian hackers Void Blizzard step up espionage campaignShaun NicholsMay 27, 2025Hackers targeting organizations's partners or contractors in hopes of obtaining credentials.
AI/MLMandiant finds more than 30 fake AI websites spreading malwareLaura FrenchMay 27, 2025Thousands of social media ads promoted sites impersonating legitimate GenAI tools.
IdentityAbout 40% of apps lack identity security basicsSteve ZurierMay 27, 2025Lack of identity basics expose companies to compliance penalties and increased breach risk.
RansomwareOperation Endgame claims 300 domains in mass takedown effortShaun NicholsMay 23, 2025An ongoing international effort against cybercrime operators has announced a mass takedown of ransomware networks.
AI/MLAI data security best practices outlined by CISA and partnersLaura FrenchMay 23, 2025The risks of data supply chain poisoning and malicious data tampering are addressed in the guidance.
Cloud SecurityCISA warns of attacks on Commvault’s Microsoft Azure environmentSteve ZurierMay 23, 2025CISA believes the attacks on Commvault Azure environments may be part of a larger campaign to target SaaS vendors.
