Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
Oct 01, 2025Ravie LakshmananAI Security / Cloud Security A severe security flaw has been disclosed in the Red Hat OpenShift...
been
Meeting IEC 62443 Compliance: How CimTrak Secures Industrial Control Systems
The Rising Stakes in Critical Infrastructure Security Cybersecurity has traditionally been framed as an IT issue, protecting desktops, databases, and...
Sharpening the Focus on Product Requirements and Cybersecurity Risks: Updating Foundational Activities for IoT Product Manufacturers
Over the past few months, NIST has been revising and updating Foundational Activities for IoT Product Manufacturers (NIST IR 8259...
Sophos named a Leader in the IDC MarketScape™: Worldwide Extended Detection and Response (XDR) Software 2025
We’re proud to announce that Sophos has been named a Leader in the IDC MarketScape™: Worldwide Extended Detection and Response...
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future...
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
Sep 29, 2025Ravie LakshmananMCP Server / Vulnerability Cybersecurity researchers have discovered what has been described as the first-ever instance of...
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
Sep 26, 2025Ravie LakshmananMalware / Cryptocurrency A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to...
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks...
The New Perimeter is Your Supply Chain
Security leaders know that perimeters have always been moving targets. We defended networks with firewalls, then endpoints with agents, then...
Chinese Hackers Steal Data from U.S. Legal, Tech Firms for More Than a Year
Suspected Chinese hackers for months have been quietly hacking their way into the networks and systems of organization in the...
The Compliance Automation Mirage: Why Vendors Keep Failing and Where AI Finally Gets It Right
If you’ve been in the trenches of enterprise risk and compliance for any length of time, you’ve heard the...
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully...
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316...
macOS Tahoe is out of touch with Apple’s Touch Bar
First, this suggests development of the feature has either stopped completely or been moved to a different cadence (perhaps Apple...
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader
Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs...
