NY Business Council discloses data breach affecting 47,000 people
The Business Council of New York State (BCNYS) has revealed that attackers who breached its network in February stole the personal, financial, and health information of over 47,000 individuals.
Microsoft: August security updates break Windows recovery, reset
Microsoft has confirmed that the August 2025 Windows security updates are breaking reset and recovery operations on systems running Windows 10 and older versions of Windows 11.
UK abandons Apple backdoor demand after US diplomatic pressure | CyberScoop
The United Kingdom has withdrawn its demand that Apple create a backdoor to its encrypted cloud systems following months of diplomatic pressure from the United States, according to a statement from Director of National Intelligence Tulsi Gabbard.
An Actionable Approach to Supplier Alternatives: interos.ai Unveils Similar Suppliers to Turn Risk into Strategic Advantage - interos.ai
See how itariffs and Similar Suppliers can help you stay ahead of tariff changes and provide actionable insights and next steps to mitigate risk. With unprecedented supply chain volatility, identifying and engaging with alternative suppliers is no longer just tactical, it’s a necessity to keep your organization running at maximum efficiency. However, finding alternative....
Drug development company Inotiv reports ransomware attack to SEC
The Indiana-based pharmaceutical company Inotiv discovered a cybersecurity incident earlier this month and found the hackers had encrypted certain systems.
Get an inside look at how JJ Cummings helped build and lead one of Cisco Talos’ most impactful security teams, and discover what drives him to stay at the forefront of threat intelligence.
Kaspersky experts analyze GodRAT, a new Gh0st RAT-based tool attacking financial firms. It is likely a successor of the AwesomePuppet RAT connected to the Winnti group.
Empowering Future Innovators: NIST CTL Connects Cybersecurity Students with Real-World Research
As digital infrastructure increasingly influences our daily lives, the National Institute of Standards and Technology (NIST) is committed to advancing cybers
Zero-Day Exploit in WinRAR File - Schneier on Security
A zero-day vulnerability in WinRAR is being exploited by at least two Russian criminal groups: The vulnerability seemed to have super Windows powers. It abused alternate data streams, a Windows feature that allows different ways of representing the same file path. The exploit abused that feature to trigger a previously unknown path traversal flaw that caused WinRAR to plant malicious executables in attacker-chosen file paths %TEMP% and %LOCALAPPDATA%, which Windows normally makes off-limits because of their ability to execute code. More details in the article...
Penetration testing has long served as a cornerstone of cybersecurity—a red-team exercise, often once or twice a year, designed to surface exploitable weaknesses. But in today’s dynamic threat landscape, that model is showing its age. Related: Pentesting in the AI era Cloud-native architectures evolve hourly. APIs sprawl. Misconfigurations are exploited within days—sometimes hours—of deployment. Manual
Solana, paquets malveillants, infostealers… Des développeurs crypto russes ont-ils été piégés par des Américains ?
Dans une étude publiée le 16 août 2025, Paul McCarty, chercheur pour la société américaine Safety, dévoile les résultats de son enquête sur des paquets de développement malveillants ciblant les développeurs de l’écosystème Solana. Fait notable, la plupart des victimes identifiées sont russes, tandis que les serveurs
Workday s’est fait piéger par la méthode redoutable des hackers, les cyberattaques par CRM
Dans un communiqué publié le 15 août 2025, le géant des logiciels RH Workday annonce avoir été victime d'une cyberattaque ayant compromis certaines données professionnelles de ses clients. L'offensive s’inscrit dans un mode opératoire particulièrement efficace, qui vise les CRM des entreprises et qui continue
Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme
A Nebraska man was sentenced to one year in prison for defrauding cloud computing providers of over $3.5 million to mine cryptocurrency worth nearly $1 million.
Massive Allianz Life data breach impacts 1.1 million people
Hackers have stolen the personal information of 1.1 million individuals in a Salesforce data theft attack, which impacted U.S. insurance giant Allianz Life in July.