A new variant of data-wiping malware, identified as CryWiper, has emerged and is specifically targeting Russian government institutions, such as mayoral offices and courthouses. Unlike traditional ransomware that encrypts data, CryWiper masquerades as ransomware but ultimately destroys data without providing…
Artificial Intelligence & Machine Learning, Governance & Risk Management, Identity & Access Management Why CISOs Must Rethink Access, Behavioral Analytics and AI Governance at Scale Joe Cozzupoli • September 9, 2025 Image: Shutterstock Zero trust has evolved from a mere…
Cybersecurity experts are sounding alarms about a recent campaign utilizing cracked software versions to spread information-stealing malware, including notable variants such as Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) has reported a significant increase in ACR Stealer…
Risks in Data Center Lending: Development Delays and SLA Breaches Recent reports highlight increasing concerns surrounding data center lending, revealing significant risks associated with development delays and breaches of Service Level Agreements (SLAs). These challenges are gaining attention as they…
A targeted cyber intrusion campaign has been actively engaging telecommunications and business process outsourcing (BPO) companies since at least June 2022. This ongoing assault aims to infiltrate mobile carrier networks and is characterized by SIM swapping techniques, as highlighted in…
Professional Certifications & Continuous Training, Training & Security Leadership The Power of Tech Tools: Understanding Fundamentals is Essential Brandy Harris • September 10, 2025 Image: Shutterstock The initial encounter with advanced tools often feels transformative; much like the experience of…
The cybersecurity landscape has experienced notable turbulence in the first quarter of 2025, marked by intensifying attacks from cybercriminals employing innovative methods to breach defenses. This report highlights significant malware families and their corresponding analyses within controlled environments. One of…
This week, cybersecurity concerns took center stage as several prominent companies revealed serious data breaches linked to vulnerabilities in third-party service providers. The incidents, notably affecting Tenable, Qualys, and Workday, underscore the significant risks inherent in today’s digital supply chain.…
A significant security exploit has been identified within the Next.js React framework, revealing a potential pathway for attackers to bypass authorization checks under specific circumstances. The vulnerability is identified as CVE-2025-29927 and has been assigned a CVSS score of 9.1,…
On Wednesday, the U.S. Department of Justice (DoJ) announced the seizure of 48 domains linked to the facilitation of distributed denial-of-service (DDoS) attacks. These domains provided a platform for malicious actors to launch attacks, thereby diminishing the barriers to entry…
