Security News > 2025 > April

Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access...

Cisco warns admins to patch a critical Cisco Smart Licensing Utility (CSLU) vulnerability, which exposes a built-in backdoor admin account now used in attacks. [...]

In today’s digital landscape, understanding your organization’s attack surface is crucial for maintaining robust cybersecurity. To effectively manage and mitigate the cyber-risks hiding in modern...

While its downloadable plugins make it highly customizable, KeePass’ unintuitive interface holds it back from one of our top password manager picks.

Sending end-to-end encrypted (E2EE) emails from Gmail enterprise accounts is about to become much easier than it is now, Google has announced on Tuesday. The company will first make available this...

Organizational, technological resilience combined defeat the disease that is cybercrime When IT disasters strike, it can become a matter of life and death for healthcare organizations – and...

Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The...

John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security way that designers can spend their security budget: on making...

Victims expect to spend considerable time and money over privacy incident, lawyers argue Specialist class action lawyers have launched proceedings against Oracle in Texas over two alleged data breaches.…

Cybersecurity researchers have shed light on an "auto-propagating" cryptocurrency mining botnet called Outlaw (aka Dota) that's known for targeting SSH servers with weak credentials. "Outlaw is a...