A serious security vulnerability has been identified in the open-source network monitoring and fault management tool, Cacti. This flaw poses a risk of remote code execution for authenticated users on affected installations. The issue has been assigned the identifier CVE-2025-22604 and has garnered a high CVSS score of 9.1 out…
Data Privacy, Data Security, Healthcare Hospital Sisters Health System’s 2023 Cyberattack Impacted Nearly 900,000 Individuals Marianne Kolbasuk McGee (HealthInfoSec) • October 2, 2025 Hospital Sisters Health System has agreed to a $7.6 million settlement and further bolster its data security measures following a significant hacking incident in 2023. (Image: HSHS)…
The U.S. Department of Justice (DoJ) has indicted a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two tech firms based in China. The indictment highlights a significant cybersecurity breach involving sensitive data theft pertinent to artificial intelligence. Linwei Ding,…
Opinion In recognition of Cyber Security Awareness Month, a GP expert offers essential guidance for general practices to safeguard their systems and data. Experts warn that general practices and healthcare businesses are prime targets for cybercriminals. Have you logged into your device using ‘charlie’ today? Or perhaps you think you’re…
A recent analysis from a team at Georgia Institute of Technology and Ruhr University Bochum has unveiled two significant side-channel attacks specifically targeting Apple silicon chips, notably affecting popular web browsers such as Safari and Google Chrome. The attacks have been aptly codenamed Data Speculation Attacks via Load Address Prediction…
Recent reports from the U.S. Treasury Department have identified the North Korea-affiliated Lazarus Group, also referred to as Hidden Cobra, as the entity responsible for the $540 million theft from the Ronin Network, which is associated with the popular video game Axie Infinity. This incident, occurring last month, underscores the…
Agentic AI, Artificial Intelligence & Machine Learning, Governance & Risk Management Identity Security Vendor Enhances AI Governance Tools, Launching MCP Server Defense Michael Novinson (MichaelNovinson) • October 2, 2025 Rishi Bhargava, Co-Founder of Descope (Image: Descope) Descope, an identity security startup, has successfully raised $35 million to enhance its offerings…
Flagstar Bank Faces Class Action Over Data Breaches A proposed class action targeting Flagstar Bank has emerged, alleging that the financial institution failed to adequately safeguard customer and employee data during two significant data breaches. On October 2, 2025, a federal judge in Michigan was approached to grant initial approval…
Recent developments in the cybersecurity landscape have revealed that a new variant of the Mirai botnet, known as Aquabot, is actively targeting a medium-severity vulnerability associated with Mitel IP phones. This vulnerability, identified as CVE-2024-41710, has a CVSS score of 6.8 and involves command injection during the phone’s boot process,…
