Tennesseeâs largest school district sues PowerSchool over data breach
Memphis-Shelby County Schoolsâ federal lawsuit against the ed tech giant is among the latest that have been filed by over 100 other districts nationwide.
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox.
Printer maker Procolored offered malware-laced drivers for months
For at least half a year, the official software supplied with Procolored printers included malware in the form of a remote access trojan and a cryptocurrency stealer.
Ransomware gangs increasingly use Skitnet post-exploitation malware
Ransomware gang members increasingly use a new malware called Skitnet ("Bossnet") to perform stealthy post-exploitation activities on breached networks.
The Human Resources domain of the CCM helps organizations manage risks associated with insider threats by defining policies for the employee lifecycle.
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense âto a level equal to major Western powersâ and marks a break from the countryâs traditional approach to cyber defense.
Communications Backdoor in Chinese Power Inverters - Schneier on Security
This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. [âŠ] Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said. Reuters was unable to determine how many solar power inverters and batteries they have looked at...
SHARED INTEL Q&A: AI in the SOC isnât all about speed â itâs more so about smoothing process
The SOC has long been the enterpriseâs first line of defense. But despite years of investment in threat feeds and automation platforms, the same question persists: why does intelligence still struggle to translate into timely action? Related: IBM makes the AI speed argument for SOCs The 2023 disclosure of Volt Typhoon was a case in
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim's webmail page