Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from...
that
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal...
Radware Adds Firewall for LLMs to Security Portfolio
Radware has developed a firewall for large language models (LLMs) that ensures governance and security policies are enforced in...
Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
Nov 25, 2025Ravie LakshmananData Exposure / Cloud Security New research has found that organizations in various sensitive sectors, including governments,...
Building a Strong Cloud Data Loss Prevention Strategy: A Step-by-Step Guide
In an era where data fuels every business decision, protecting that data has become a defining element of organisational...
When the Browser Becomes the Battleground for AI and Last-Mile Attacks
For years we treated the browser as just another application. That era is over. As Vivek Ramachandran points out,...
The Sophos Central UAE region is now live!
We’re excited to share that the Sophos Central UAE Region is now live! Hosted on Amazon Web Services (AWS) within...
Securing GenAI in Enterprises: Lessons from the Field
There’s a significant gap between the potential value of AI and the measurable value that enterprises have only recently...
Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
New research from CrowdStrike has revealed that DeepSeek's artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities in response...
Countering the Digital Threat – NATO 2025
Countering the Digital Threat – NATO 2025 I am incredibly honored and proud to announce that I have been formally...
AI as Cyberattacker
From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage...
Fortinet FortiWeb Authentication Bypass and Command Injection Vulnerability (CVE-2025-64446/CVE-2025-58034) Notice
Overview Recently, NSFOCUS CERT detected that Fortinet issued a security bulletin to fix the FortiWeb authentication bypass and command...
Ghost Tapping: What It Is, How It Works, and How to Stay Safe
Contactless payments make everyday purchases fast and easy. Yet with that convenience comes a risk: ghost tapping. In crowded spaces...
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles Pierluigi Paganini November 20, 2025 Researchers disclosed a WhatsApp...
Trust Beyond Containers: Identity and Agent Security Lessons from KubeCon 2025
Before Atlanta was named Atlanta, it was called "Termius". That first name is derived from the Western & Atlantic...
