The University of Pennsylvania has confirmed that a cyberattack led to unauthorized access and theft of sensitive university data. The breach also involved the manipulation of official @upenn.edu email addresses, which were used to send harassing messages to community members.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Tuesday the addition of a serious vulnerability affecting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog. This decision comes amid indications of active exploitation of…
New Espionage Campaign Unveiled: Targets Corporate Networks in Venezuela On Thursday, cybersecurity researchers revealed an ongoing espionage campaign primarily aimed at corporate networks in Spanish-speaking countries, with Venezuela being the focal point. This newly identified threat, named “Bandidos” by security…
T-Mobile has confirmed it fell victim to a security breach in March, attributed to the notorious LAPSUS$ hacking group, known for its sophisticated cyber exploits. This assertion comes following revelations by investigative journalist Brian Krebs, who disclosed internal communications from…
Data Breach Notification, Data Privacy, Data Security 2025 Sees Major Data Breach Affecting 10.5 Million Individuals, Multiple Insurers, State Authorities Marianne Kolbasuk McGee (HealthInfoSec) • November 4, 2025 Conduent, a publicly traded entity spun off from Xerox in 2017, is…
Data Breach Affects 17,000 Due to Slack Account Compromise, Says Nikkei In a significant cybersecurity incident, Nikkei has reported that approximately 17,000 individuals have been impacted by a data breach linked to a compromise of a Slack account. This breach…
GitHub Security Updates Address Critical Vulnerabilities in Enterprise Server GitHub has announced crucial security updates for its Enterprise Server (GHES), responding to multiple vulnerabilities, including a severe flaw that could lead to unauthorized access. The updates aim to enhance user…
In a significant cybersecurity response, Kaseya, a software vendor based in Florida, released urgent updates on Sunday to rectify critical vulnerabilities in its Virtual System Administrator (VSA) solution. This action follows a massive ransomware incident that exploited VSA to target…
On Thursday, India’s Computer Emergency Response Team (CERT-In) announced new regulations mandating that service providers, intermediaries, and government entities report cybersecurity incidents, including data breaches, within six hours. This move is aimed at enhancing the national cybersecurity framework, reflecting an…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Major Staffing Cuts and Furloughs Impede Federal Response to F5 Cyberattack Chris Riotta (@chrisriotta) • November 4, 2025 Image: Alexeenko Alexey/Shutterstock The U.S. government is grappling with the aftermath of a…
