Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Dell Breached by Extortion Group, Says Data Stolen Was 'Fake'
The World Leaks group accessed and released data from the company's Customer Solution Center, which is separated from customer and partner systems and stores primarily "synthetic" datasets used for demos and testing, Dell said.
Published on: July 22, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Darktrace Acquires Mira Security for Network Visibility
The acquisition gives the British cybersecurity solutions provider more insights into encrypted network traffic and additional decryption capabilities.
Published on: July 22, 2025 | Source:Critical Infrastructure Security Is a Critical Concern
To be truly resilient in the ever-growing threat landscape, organizations need to balance protection with preparation.
Published on: July 22, 2025 | Source:Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. "In July 2025, the Cisco PSIRT [Product Security Incident Response Team], became aware of attempted exploitation of some of these vulnerabilities in the wild," the company said in an alert. The
Published on: July 22, 2025 | Source:Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It's believed to be active since early 2021, indiscriminately targeting a wide range of sectors, such as retail,
Published on: July 22, 2025 | Source:Coast Guard Issues Cybersecurity Rule for Maritime Transport Safety
The cybersecurity requirements follow an extended timeline over the next two years, and are meant to secure US shipping ports from disruption by malicious actors.
Published on: July 22, 2025 | Source:Dior Says Personal Information Stolen in Cyberattack
Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised. The post Dior Says Personal Information Stolen in Cyberattack appeared first on SecurityWeek.
Published on: July 22, 2025 | Source:โEncryption Backdoors and the Fourth Amendmentโ
Law journal article that looks at the Dual_EC_PRNG backdoor from a US constitutional perspective: Abstract: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any of three theories removed the Fourth Amendmentโs requirement that this be reasonable. The first is that a challenge to the...
Published on: July 22, 2025 | Source:How to Advance from SOC Manager to CISO?
Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid foundation of tech knowledge but also leadership skills and business smarts. This article will guide you through the practical steps and skills youโll need to nab an executive cybersecurity job and make the
Published on: July 22, 2025 | Source:Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)
Behind every free online service, there's a price being paid. Learn why your digital footprint is so valuable, and when you might actually be the product.
Published on: July 22, 2025 | Source:ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.
Published on: July 22, 2025 | Source:China-Backed APT41 Cyberattack Surfaces in Africa
Up to now, the prolific China-sponsored cyber-espionage group has been mostly absent from the region, but a sophisticated and highly targeted attack on an African IT company shows Beijing is branching out.
Published on: July 22, 2025 | Source:Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting an unnamed major Western government, with the activity intensifying on July 18 and 19, spanning government, telecommunications, and software
Published on: July 22, 2025 | Source:Human Digital Twins Could Give Attackers a Dangerous Advantage
While this emerging impersonation technology offers many benefits, digital twins also have several drawbacks, including use in social engineering attacks.
Published on: July 21, 2025 | Source:Malicious Implants Are Coming to AI Components, Applications
A red teamer is publishing research next month about how weaknesses in modern security products lay the groundwork for stealthy implants in AI-powered applications.
Published on: July 21, 2025 | Source:After website hack, Arizona election officials unload on Trumpโs CISA
As the state responded to a pro-Iranian attack, officials tell CyberScoop that it avoided reaching out to the federal agency, partly because it has been โpoliticized and weakenedโ under the president. The post After website hack, Arizona election officials unload on Trumpโs CISA appeared first on CyberScoop.
Published on: July 21, 2025 | Source:Europol Sting Leaves Russian Cybercrime's 'NoName057(16)' Group Fractured
National authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers to carry out DDoS attacks on perceived enemies of Russia.
Published on: July 21, 2025 | Source:Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it tracks
Published on: July 21, 2025 | Source:China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. "The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware," Kaspersky researchers Denis Kulik and Daniil Pogorelov said. "One of the C2s [command-and-control servers] was a captive
Published on: July 21, 2025 | Source:Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies.
Published on: July 21, 2025 | Source:Microsoft Rushes Emergency Patch for Actively Exploited SharePoint 'ToolShell' Bug
Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread attacks.
Published on: July 21, 2025 | Source:Containment as a Core Security Strategy
We cannot keep reacting to vulnerabilities as they emerge. We must assume the presence of unknown threats and reduce the blast radius that they can affect.
Published on: July 21, 2025 | Source:Mass attack spree hits Microsoft SharePoint zero-day defect
Attackers have already used the exploit dubbed โToolShellโ to intrude hundreds of organizations globally, including private companies and government agencies. The post Mass attack spree hits Microsoft SharePoint zero-day defect appeared first on CyberScoop.
Published on: July 21, 2025 | Source:Iranian APT Targets Android Users With New Variants of DCHSpy Spyware
Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel. The post Iranian APT Targets Android Users With New Variants of DCHSpy Spyware appeared first on SecurityWeek.
Published on: July 21, 2025 | Source:Why itโs time for the US to go on offense in cyberspace
The U.S. is stepping into a new cyber era, and it comes not a moment too soon. With the Trump administrationโs sweeping $1 billion cyber initiative in the โBig Beautiful Billโ and growing congressional momentum under the 2026 National Defense Authorization Act (NDAA) to strengthen cyber deterrence, weโre seeing a shift in posture that many [โฆ] The post Why itโs time for the US to go on offense in cyberspace appeared...
Published on: July 21, 2025 | Source:โก Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting inโnot with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks donโt depend on zero-days. They work by staying unnoticedโslipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious now blends in, thanks to
Published on: July 21, 2025 | Source:Marketing, Law Firms Say Data Breaches Impact Over 200,000 People
Cierant Corporation and Zumpano Patricios independently disclosed data breaches, each impacting more than 200,000 individuals. The post Marketing, Law Firms Say Data Breaches Impact Over 200,000 People appeared first on SecurityWeek.
Published on: July 21, 2025 | Source:Assessing the Role of AI in Zero Trust
By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely theoretical, itโs now a requirement that organizations must adopt. A robust, defensible architecture built on Zero Trust principles does more than satisfy baseline regulatory mandates. It underpins cyber resilience, secures third-party partnerships, and ensures uninterrupted
Published on: July 21, 2025 | Source:Another Supply Chain Vulnerability
ProPublica is reporting: Microsoft is using engineers in China to help maintain the Defense Departmentโs computer systemsโwith minimal supervision by U.S. personnelโleaving some of the nationโs most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found. The arrangement, which was critical to Microsoft winning the federal governmentโs cloud computing business a...
Published on: July 21, 2025 | Source:Surveillance Firm Bypasses SS7 Protections to Retrieve User Location
A surveillance company was caught using an SS7 bypass technique to trick wireless carriers into divulging usersโ locations. The post Surveillance Firm Bypasses SS7 Protections to Retrieve User Location appeared first on SecurityWeek.
Published on: July 21, 2025 | Source:750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service
The Alcohol & Drug Testing Service (TADTS) says personal information was stolen in a July 2024 ransomware attack. The post 750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service appeared first on SecurityWeek.
Published on: July 21, 2025 | Source:PoisonSeed Attack Turns Out to Be Not a FIDO Bypass After All
Cybersecurity firm Expel, in an update shared on July 25, 2025, said it's retracting its findings about a phishing attack that it said leveraged cross-device sign-in to get around FIDO account protections despite being not in physical proximity to the authenticating client device. "The evidence does show the targeted user's credentials (username and password) being phished and that the attacker
Published on: July 21, 2025 | Source:PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals.FIDO keys are hardware- or software-based authenticators designed to eliminate phishing by binding logins to specific domains using public-private key
Published on: July 21, 2025 | Source:Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details of another vulnerability that it said has been addressed with "more robust protections." The tech giant acknowledged it's "aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security
Published on: July 21, 2025 | Source:Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access
Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access to susceptible systems. The vulnerability, tracked as CVE-2025-37103, carries a CVSS score of 9.8 out of a maximum of 10.0. "Hard-coded login credentials were found in HPE
Published on: July 21, 2025 | Source: