News

Upcoming Events

Beyond The Firewall: Ensuring OT App Security
2025-04-28 | 2025-05-01
In this webcast, we’ll delve into how application security principles intersect with the Operational Technology (OT) landscape, bolstering your OT application security posture.
...Read more

All times are Eastern Time (GMT/UTC -4h)

CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse
MITRE will continue operating the CVE program for at least 11 months after temporary extended contract...Read more

CISA extends funding to ensure 'no lapse in critical CVE services'
Warning from MITRE that gov funding for the CVE/CWE programs was set to expire 16 Apr, potentially leading to widespread...Read more

Funding Expires for Key Cyber Vulnerability Database
The federally funded, non-profit research and development organization MITRE warned CVE program set to expire...Read more

US Comptroller Cyber 'Incident' Compromises Org's Emails
A review of the emails involved in the breach is still ongoing, what's discovered can label it a "major cyber incident."...Read more

From likes to leaks: How social media presence impacts corporate security
CISOs must account for employee behavior beyond the firewall. The attack surface no longer ends at corporate endpoints...Read more

WhatsApp Vulnerability Could Facilitate Remote Code Execution
An update for WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could trick users...Read more

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
attackers located websites hosted on EC2 with SSRF flaws, allowing them to remotely query the internal EC2 Metadata URLs...Read more

How to find out if your AI vendor is a security risk
Even with DLP policies AI data leaks are challenging to prevent. The AI security checklist: What to look for in a vendor...Read more

Oracle says its cloud was in fact compromised
Oracle swore blind the claims were false. It turns out the only thing false were the denials....Read more

How Today’s CIOs are Upskilling
In 2025 successful CIOs won’t just be technology leaders -- they will be business enablers, transformation and growth ...Read more

Native cloud firewalls failed security tests, report finds
stark performance disparities between native cloud firewalls and third-party solutions...Read more

WhatsApp flaw can let attackers run malicious code on Windows PCs
CVE-2025-30401 can be exploited by attackers by sending maliciously crafted files with altered file types...Read more

Third-party ransomware attack jeopardizes DBS Group, Bank of China Singapore data
11,000 individuals cumulatively compromised following a ransomware intrusion against data vendor Toppan Next Tech...Read more

Legacy Stripe API Exploited: Why PCI DSS Requirement 6.4.3 is Critical for Payment Security
This API was used to validate stolen credit card details, combining it with malicious scripts injected into payments...Read more