Recent security audits of the OvrC cloud platform have revealed a series of vulnerabilities—specifically ten—that could enable attackers to execute code remotely on devices linked to this network. These vulnerabilities, if exploited, could allow unauthorized individuals to commandeer devices including…
A financially motivated threat group, identified as FIN12, has been linked to a series of RYUK ransomware incidents since October 2018. This organization demonstrates significant collaboration with TrickBot-affiliated actors while utilizing publicly accessible tools like Cobalt Strike Beacon payloads to…
Mailchimp, a prominent email marketing and newsletter service provider based in the U.S., has announced a significant security breach resulting from a sophisticated social engineering attack. This incident has compromised the accounts of 133 customers, raising concerns about the vulnerabilities…
Security Awareness Programs & Computer-Based Training, Training & Security Leadership Cyber Professionals Can Follow Two Distinct Career Paths in Training and Education Brandy Harris • October 22, 2025 Image: Shutterstock Upon entering the field of cybersecurity education, I found my…
Major Cybersecurity Breach Leads to Substantial Penalty for Australian Clinical Labs Australian Clinical Labs Limited (ACL), a prominent private pathology service provider in Australia, has been ordered to pay a total of A$5.8 million (approximately US$3.8 million) in penalties, alongside…
A newly discovered security vulnerability in Windows NT LAN Manager (NTLM) has been exploited in a zero-day attack, with suspected ties to Russian threat actors targeting Ukraine. This vulnerability, designated as CVE-2024-43451 and rated with a CVSS score of 6.5,…
A new hacking group reportedly aligned with Iranian national interests has been observed executing a password spraying campaign aimed at defense technology companies in the U.S., European Union, and Israel. This campaign has also extended to regional ports of entry…
In a significant cybersecurity incident, the Everest ransomware group has revealed that it has targeted two new victims: Dublin Airport and Air Arabia. This development follows the group’s recent announcement regarding a breach of AT&T Careers, where they claimed to…
GoTo, Formerly LogMeIn, Reports Data Breach Affecting User Data GoTo, the parent company of LastPass and formerly known as LogMeIn, disclosed on Tuesday a significant data breach involving the theft of encrypted backups of customer information. This incident, which occurred…
Human Risk in 2025: Combatting AI-Driven Insider Threats As we look ahead to 2025, the cybersecurity landscape is increasingly shaped by the sophisticated capabilities of artificial intelligence. One of the most pressing concerns for organizations is the rise of AI-powered…
