Recent disclosures have unveiled nearly two dozen vulnerabilities in Advantech’s industrial-grade wireless access points, a suite of devices that are integral to operational technology networks. Among these vulnerabilities, several are critical, enabling potential attackers to bypass authentication protocols and execute…
On Thursday, the U.S. government unsealed an indictment charging two Iranian nationals with participating in a cyber-enabled disinformation and threat campaign aimed at undermining the integrity of the 2020 presidential elections. The indictment alleges that they gained unauthorized access to…
Last month, Taiwanese computer manufacturer MSI was targeted in a ransomware attack, leading to the exposure of sensitive data, particularly their private code signing keys. The perpetrators of this attack have since disclosed these keys on their dark web platform,…
Governance & Risk Management , Healthcare , Industry Specific Penetration Testing Reveals Vulnerabilities in State Medicaid Systems Marianne Kolbasuk McGee (HealthInfoSec) • October 21, 2025 HHS OIG’s penetration testing of ten state Medicaid systems highlighted critical security gaps that must…
Cybersecurity research firm Darktrace has issued a report highlighting the ongoing threat posed by a state-sponsored group known as Salt Typhoon. This Advanced Persistent Threat (APT) group, suspected to be linked to the People’s Republic of China (PRC), continues to…
Microsoft has recently disclosed multiple security vulnerabilities affecting its AI, cloud services, enterprise resource planning systems, and Partner Center solutions. Among the vulnerabilities identified is a critical flaw that has already been exploited in the wild, raising alarms within the…
Cyberattacks Target Biomanufacturing Firms with Custom Malware “Tardigrade” Recent investigations have uncovered a series of cyberattacks targeting biomanufacturing companies in the U.S., attributed to an advanced persistent threat (APT) utilizing bespoke malware known as “Tardigrade.” This information was disclosed in…
At the close of August, Anthropic, a notable AI firm, publicly affirmed that its chatbot, Claude, would not be involved in assisting with the construction of nuclear weapons. This announcement came on the heels of a strategic partnership with the…
Recently, the 32nd edition of the RSA Conference, one of the premier cybersecurity events worldwide, concluded in San Francisco. Among the notable insights shared, Kevin Mandia, CEO of Mandiant at Google Cloud, delivered an impactful keynote focusing on the current…
Agentic AI, Identity & Access Management, Machine Identities Silicon Valley Startup Targets Discovery and Governance in Non-Human Identity Management Michael Novinson (MichaelNovinson) • October 21, 2025 Danny Oliveri, co-founder and CEO, Defakto (Image: Defakto) Silicon Valley-based startup Defakto, which specializes…
