AI/MLNIST releases new AI attack taxonomy with expanded GenAI sectionLaura FrenchMay 21, 2025The latest version puts more emphasis on supply chain and AI agent security.
RansomwareApparent ransomware attack leads to systemwide outage for Kettering HealthSteve ZurierMay 21, 2025Kettering operates 14 medical centers and more than 120 outpatient locations in western Ohio.
IdentityOracle Database TNS vulnerability could leak data to further attacksShaun NicholsMay 20, 2025A vulnerability in Oracle database communications could allow an unauthenticated user to access system memory contents.
IdentitySEO poisoning campaign swipes direct deposits from employeesLaura FrenchMay 20, 2025Phishing pages targeting mobile devices showed up at the top of Google search results.
Identity‘Textbook identity attack’ dropped ransomware via fake KeePass siteSteve ZurierMay 20, 2025Malware exported the victims' KeePass password databases to drop ransomware on VMWare ESXi datastores.
Career ManagementCybersecurity salaries in 2025: Shifting priorities, rising demand for specialized rolesBill BrennerMay 20, 2025CyberSN’s 2025 Salary Data Report reveals rising pay for specialized technical and leadership roles, while generalist and support positions face stagnation amid outsourcing, automation, and tighter budgets.
RansomwareRansomware takes a back seat to AI on IT administrator worry listsShaun NicholsMay 20, 2025Attacks fueled by artificial intelligence tops the list of 29% of survey respondents.
Vulnerability ManagementCrawlomatic WordPress plugin patched for critical 9.8 RCE flawLaura FrenchMay 19, 2025Arbitrary file upload is made possible by a missing file type validation.
Data SecurityServiceaide data breach exposed info of 483K Catholic Health patientsSteve ZurierMay 19, 2025Incident underscores impact of third-party breaches on health organizations, security experts say.
Vulnerability ManagementGoogle Chrome data leakage bug confirmed as actively exploitedLaura FrenchMay 16, 2025Insufficient policy enforcement could lead to data disclosure when loading malicious resources.