Indian Government Addresses Security Flaw in Digilocker Service The Indian Government has confirmed the resolution of a significant vulnerability within its secure document wallet service, Digilocker. This flaw potentially allowed unauthorized remote access, enabling attackers to bypass mobile one-time passwords…
Governance & Risk Management, Operational Technology (OT) Trellix Warns of Rising Threats to PLCs from Cyber Attackers Greg Sirico • November 18, 2025 Image: Shutterstock Cybersecurity firm Trellix has issued a stark warning regarding the increasing vulnerability of programmable logic…
Discovery Practice Management Settles Lawsuit Over 2020 Data Breach In a significant development for the cybersecurity landscape, Discovery Practice Management has reached a settlement regarding a data breach that occurred in 2020. This incident has raised concerns among business owners…
The developers of the PuTTY Secure Shell (SSH) and Telnet client have issued a warning about a critical vulnerability affecting versions 0.68 through 0.80. This flaw poses a significant risk, allowing attackers to potentially recover NIST P-521 (ecdsa-sha2-nistp521) private keys,…
A 22-year-old resident of Ellsworth County, Kansas, faces serious allegations after being indicted for unauthorized access to a public water facility’s computer system. This breach potentially endangered the safety and well-being of the community’s residents. The individual, identified as Wyatt…
On October 24, 2025, Microsoft Azure experienced an unprecedented Distributed-Denial-of-Service (DDoS) attack, marking the highest recorded assault on cloud infrastructure to date. This significant cyber event peaked at 15.72 Terabits per second (Tbps) and 3.64 billion packets per second (pps),…
Access Management, Data Privacy, Data Security NIH Working on Fixes to Address National Security Risks and Weak Access Controls Marianne Kolbasuk McGee (HealthInfoSec) • November 17, 2025 A federal watchdog agency identified security vulnerabilities that could permit unauthorized access to…
In a recent incident, Checkout.com, a payment processing service, faced a data breach attributed to the hacking group known as ShinyHunters, which exploited vulnerabilities in a legacy third-party cloud storage system. This breach reportedly affected less than 25% of the…
Recent cybersecurity research has unveiled a critical vulnerability in command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud, risking the exposure of sensitive credentials within build logs. Titled LeakyCLI by the cloud security firm Orca, this vulnerability…
Recent cybersecurity investigations have revealed a sophisticated cyberespionage campaign attributed to a Chinese-speaking hacking group targeting various government and military institutions in Vietnam. The threat has been tentatively linked to the advanced persistent threat (APT) group known as Cycldek, also…
