SonicWall urges admins to patch VPN flaw exploited in attacks
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks
Spam campaign targeting Brazil abuses Remote Monitoring and Management tools
A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents.
interos.ai Joins World Economic Forum’s Global Data Partnership Against Forced Labour - Interos
As part of a pioneering coalition, interos.ai brings AI-powered risk intelligence to a global initiative aimed at eradicating forced labor from supply chains
LockBit ransomware gang hacked, victim negotiations exposed
The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump.
PowerSchool customers hit by downstream extortion threats | CyberScoop
The large education tech vendor was hit by a cyberattack and paid a ransom in December. Now, a threat actor is attempting to extort the company’s customers with stolen data.
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam…
CrowdStrike cuts 5% of workforce after revenue jumped 29% last year | CyberScoop
CEO George Kurtz said the decision to cut about 500 jobs was driven by internal efficiency gains from AI and multibillion-dollar opportunities in new market segments.
Six DDoS sites seized in multi-national law enforcement operation | CyberScoop
Polish authorities, with support from Europol and international agencies, have arrested four people accused of running six DDoS-for-hire platforms linked to thousands of global cyberattacks.
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts
Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites.
CoGUI phishing platform sent 580 million emails to steal credentials
A new phishing kit named 'CoGUI' sent over 580 million emails to targets between January and April 2025, aiming to steal account credentials and payment data.
PowerSchool hacker now extorting individual school districts
PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid.
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy chief information security officers share their experiences in cybersecurity and how they are redefining protection.
Get a technical breakdown of the 2024 Snowflake data breach, including a description of the Advanced Persistent Threat and how the breach impacted the business.