Security News > 2025

Apple blocked over $9 billion in App Store fraud in five years
2025-05-28 10:18

Apple says it blocked over $9 billion in fraudulent App Store transactions over the last five years, with over $2 billion in potentially fraudulent sanctions prevented in 2024 alone. [...]

The cost of compromise: Why password attacks are still winning in 2025
2025-05-28 10:00

Poor password management is responsible for thousands of data breaches, but it doesn’t have to be this way. Sponsored feature The IT business likes to reinvent things as quickly as possible....

How 'Browser-in-the-Middle' Attacks Steal Sessions in Seconds
2025-05-28 09:32

Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall...

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch
2025-05-28 09:23

Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The activity, observed by GreyNoise...

DragonForce double-whammy: First hit an MSP, then use RMM software to push ransomware
2025-05-28 06:45

SimpleHelp was the vector for the attack DragonForce ransomware infected a managed service provider, and its customers, after attackers exploited security flaws in remote monitoring and management...

Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats
2025-05-28 06:11

Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The company said the App Store is...

Why data provenance must anchor every CISO’s AI governance strategy
2025-05-28 05:30

Across the enterprise, artificial intelligence has crept into core functions – not through massive digital transformation programs, but through quiet, incremental adoption. Legal departments are...

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
2025-05-28 05:00

Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes...

GitHub becomes go-to platform for malware delivery across Europe
2025-05-28 04:30

Phishing has become the go-to method for attackers looking to get past security controls and access sensitive environments in Europe, according to Netskope. Users are now constantly dealing with...

Hottest cybersecurity open-source tools of the month: May 2025
2025-05-28 04:00

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless...