CFPB to withdraw rule targeting data brokers | CyberScoop
The Trump administrationâs CFPB nominee spoke positively in February about the Biden-era rule to regulate the sale of Americansâ personal data, but he is now slotted instead for a Treasury Department role.
Google to pay $1.38 billion over privacy violations
The state of Texas reached a mammoth financial agreement with Google last week, securing $1.375 billion in payments to settle two lawsuits concerning the use of consumers' data.
Nova Scotia Power says customer banking details may have been stolen by hackers
An network intrusion at Nova Scotia Power in March led to a breach of sensitive customer data, the Canadian utility said in an update about the incident.
ââExplore practical best practices to secure your data with Microsoft Purviewââ
Microsoft presents best practices for securing data and optimizing Microsoft Purview implementation, emphasizing the integration of people, processes, and technology.
Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared our findings with Apple and a fix was released for this vulnerability, now identified as CVE-2025-31191. We encourage macOS users to apply security updates as soon as possible.
Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
Microsoft announces that it will be joining GASA as a Foundation Member. Read about how Microsoft and the other members of GASA hope to stem losses from cyber scams.
Meet the Deputy CISOs who help shape Microsoftâs approach to cybersecurity: Part 2
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy chief information security officers share their experiences in cybersecurity and how they are redefining protection.
Marbled Dust leverages zero-day in Output Messenger for regional espionage
Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. These exploits have resulted in collection of related user data from targets in Iraq. Microsoft [âŠ]
Hackers behind UK retail attacks now targeting US companies
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States.
Google says hackers behind UK retail cyber campaign now also targeting US
"US retailers should take note" of recent cyberattacks on British companies, according to Google's Threat Intelligence Group, as the financially motivated collective known as Scattered Spider appears to be connected.
Ransomware gangs join ongoing SAP NetWeaver attacks
Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers.
Cybersecurity incident forces largest US steelmaker to take some operations offline
In an 8-K filing with federal regulators, Nucor said the incident involved âunauthorized third party access to certain information technology systemsâ but did not explain further.
Australian Human Rights Commission leaks docs to search engines
The Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines.
News alert: INE Security highlights monthly CVE Labs aimed at sharpening real-world defense
Cary, NC, May 14, 2025, CyberNewswire -- INE Security, a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security teams from reactive to proactive defenders. With over 26,000 new CVEs documented in the past year, security teams