Data Poisoning is when someone intentionally messes with data to make it unreliable or incorrect. This can be done to cause harm or damage.

(Adobe Stock)

Agentic AI used by threat actors to turbocharge cyberattacks

Shaun NicholsMay 14, 2025

Palo Alto Networks researchers spot instances where threat actors are using AI platforms.

RESOURCES

Identity
Deepfakes unveiled: Emerging threats and technological defenses in the digital age
Network Security
Think your cloud is secure? Three common misconfigurations you’re probably overlooking
Network Security
Your cloud is only as strong as its weakest link: How full mesh SASE closes hidden security gaps
Network Security
The hidden costs of legacy security stacks—and how to reclaim your budget
Network Security
CIOs grapple with budget pressures: New playbook offers fresh take on network security ROI

PODCASTS

Leadership
CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends – Derek Manky, Gunter Ollmann – BSW #395
AI/ML
Deepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation – SWN #476
Application security
Secure Code Reviews, LLM Coding Assistants, and Trusting Code – Rey Bango, Karim Toubba, Gal Elbaz – ASW #330
Data Security
Mapping the Modern Attack Surface: Fintech’s Evolving Risk Frontier – Erika Dean – CSP #212
IAM Technologies
Secrets and their role in infrastructure security – Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano – ESW #406

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Vulnerability Management

European Vulnerability Database debuts amid CVE shakeup

Laura FrenchMay 14, 2025

The EUVD, maintained by ENISA, compiles information from the CVE program, CSIRTs and vendors.

SAP is a German based multinational software corporation

Vulnerability Management

SAP NetWeaver flaw exploited by ransomware groups BianLian, RansomEXX

Steve ZurierMay 14, 2025

A second zero-day flaw was found in addition to exploitation of Netweaver by ransomware groups.

Tycoon 2FA phishing kit update timeline reveals new evasion techniques

Laura FrenchMay 13, 2025

Browser fingerprinting and additional payload encryption are the most recent methods used.

patch presented in the form of binary code

Network Security

Microsoft fixes 75 vulnerabilities, 11 critical, in May Patch Tuesday

Shaun NicholsMay 13, 2025

Patches include five vulnerabilities actively targeted in the wild, as well as two others with public exploit code available.

The Signal app icon on a smartphone.

Governance, Risk and Compliance

TeleMessage Signal app lands on CISA’s exploited vulnerability list

Steve ZurierMay 13, 2025

CISA responded to concerns that the flaw potentially lets attackers access entire message histories from Signal clones.

Fake image-to-video AI sites deliver novel ‘Noodlophile’ infostealer

Laura FrenchMay 12, 2025

The “AI videos” generated from these sites are actually malicious executables that set off the attack chain.

Application security

Google settles nearly $1.4B Texas case for collecting personal data

Shaun NicholsMay 12, 2025

Settlement is the largest individual penalty to date against Google in the state of Texas.

Cyberattacks on healthcare

April 2025 Ascension Health breach affected 437,329, reports HHS

Steve ZurierMay 12, 2025

Recent attack points out the need for all organizations to refocus on third-party bugs and identity management.

EVENTS