Security News

4.5% of breaches now extend to fourth parties
2025-05-27 04:30

Security teams can no longer afford to treat third-party security as a compliance checkbox, according to SecurityScorecard. Traditional vendor risk assessments, conducted annually or quarterly,...

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
2025-05-26 09:23

Cyber threats don't show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting...

Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
2025-05-06 11:25

It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently,...

Online fraud peaks as breaches rise
2025-05-01 04:30

Data breaches played a key role in significant financial losses faced by consumers due to fraud. In this Help Net Security video, Steve Yin, Global Head of Fraud at TransUnion, and Brad...

⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
2025-04-28 12:18

What happens when cybercriminals no longer need deep skills to breach your defenses? Today’s attackers are armed with powerful tools that do the heavy lifting — from AI-powered phishing kits to...

How Breaches Start: Breaking Down 5 Real Vulns
2025-04-28 11:00

Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities,...

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
2025-04-25 09:34

The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide. [...]

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
2025-04-25 08:57

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files,...

Your vendor may be the weakest link: Percentage of third-party breaches doubled in a year
2025-04-24 09:28

Cybercriminals are targeting software shops, accountants, lawyers The percentage of confirmed data breaches involving third-party relationships doubled last year as cybercriminals increasingly...

2025 Data Breach Investigations Report: Third-party breaches double
2025-04-23 11:44

The exploitation of vulnerabilities has seen another year of growth as an initial access vector for breaches, reaching 20%, according to Verizon’s 2025 Data Breach Investigations Report....