Agentic AI, Identity & Access Management, Machine Identities Silicon Valley Startup Targets Discovery and Governance in Non-Human Identity Management Michael Novinson (MichaelNovinson) • October 21, 2025 Danny Oliveri, co-founder and CEO, Defakto (Image: Defakto) Silicon Valley-based startup Defakto, which specializes…
Investigation Reveals Alarming Details in Afghan Data Breach A recent inquiry has uncovered critical information regarding a significant data breach affecting Afghan systems responsible for handling sensitive information. The probe highlights a series of unrecorded meetings and informal agreements that…
On Monday, Cisco issued an updated advisory highlighting an ongoing threat linked to a long-standing vulnerability in its Adaptive Security Appliance (ASA). The flaw, identified as CVE-2014-2120, has a CVSS score of 4.3 and relates to insufficient input validation within…
Recent Cyber Surveillance Attacks Target North Korean Defectors and Journalists In a disturbing development, advanced persistent threats (APTs) linked to nation-state actors have launched a series of highly-targeted surveillance attacks against North Korean defectors, journalists covering North Korea, and associated…
On October 17, 2025, Envoy Air, a Texas-based regional airline and the largest carrier under American Airlines, confirmed that it was recently compromised due to a series of cyberattacks exploiting a zero-day vulnerability in a major corporate software application. The…
JumpCloud Responds to Cybersecurity Incident Affecting Clients JumpCloud, a cloud-based identity and access management provider, has taken swift action in response to a significant cybersecurity incident that has impacted a number of its clients. The breach has prompted the company…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Darktrace Reports on Compromise of Citrix NetScaler Gateway Akshaya Asokan (asokan_akshaya) • October 20, 2025 Image: Shutterstock Recent reports from the managed threat detection firm Darktrace indicate that a persistent campaign by…
October 21, 2025Ravie LakshmananCyber Espionage / Network Security A European telecommunications company has reportedly fallen victim to a cyber intrusion attributed to a threat actor associated with the China-linked group known as Salt Typhoon. This incident, as reported by Darktrace,…
Critical Vulnerability Discovered in SailPoint’s IdentityIQ Software A significant security vulnerability has been identified in SailPoint’s IdentityIQ identity and access management (IAM) software, potentially exposing sensitive data stored in application directories. The flaw, designated CVE-2024-10905, carries a maximum CVSS score…
Stealth Malware Campaign Targets Middle Eastern Entities A sophisticated malware campaign has been uncovered, targeting government bodies, military organizations, law firms, and financial institutions predominantly in the Middle East. Initiated as early as 2019, the campaign leverages malicious Microsoft Excel…
