RansomwareRansomware attack on Marquis Software Solutions targeted 74 banksSteve ZurierDecember 4, 2025Data from over 400,000 users stolen in a ransomware attack on SonicWall firewall.
Application securityCISA issues joint guidance on secure use of AI in OT systemsLaura FrenchDecember 4, 2025The document outlines four key principles to follow when considering AI use in OT.
Application securityIndia backs off from requiring government-made security appSteve ZurierDecember 3, 2025Experts preferred EU approach of mandating security outcomes on vendors versus a government app.
AI/MLClaude Agent Skills could be used to deploy malware, researchers sayLaura FrenchDecember 3, 2025An attacker could distribute a malicious Skill that quietly retrieves external scripts.
Application securityShadyPanda exploited Chrome, Edge browser extensions for 7 yearsSteve ZurierDecember 2, 2025Threat actor infiltrated devices via browser extensions, quietly making money for years until they finally were outed.
Data SecuritySouth Korea online retailer Coupang breach affects 33.7 millionSteve ZurierDecember 1, 2025Experts say similar breaches can happen in the U.S. if teams fail to protect company databases.
RansomwareOracle EBS exploitation similar to Clop’s MOVEit, GoAnywhere attacksSteve ZurierDecember 1, 2025Clop ransomware group moves from file transfer tools to legacy business systems like Oracle EBS.
Application securityAccepting Microsoft Teams guest invitations could pose a security riskLaura FrenchDecember 1, 2025Defender for Office 365 protections do not carry over when joining another Teams tenant.
Network SecurityCyberattacks on legacy firewalls continue. What security teams can doSteve ZurierNovember 26, 2025Security pros offer tips on how to defend against unending attacks on legacy firewalls.
Application securitySynced calendars a potential threat vector for millions of devicesLaura FrenchNovember 26, 2025Expired or compromised domains could be used to push out malicious calendar files.
