CISA Adds New Vulnerabilities to KEV Catalog: Immediate Action Required The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog by adding two significant security flaws that have been actively exploited. These vulnerabilities affect the Microsoft Partner Center and the Synacor Zimbra Collaboration Suite…
Cisco Confirms Cyberattack Linked to Yanluowang Ransomware Gang On May 24, 2022, Cisco Systems, a leading networking equipment provider, confirmed it fell victim to a cyberattack that exploited vulnerabilities in its digital infrastructure. The breach occurred after an attacker compromised a Cisco employee’s personal Google account, which contained synchronized passwords…
Data Breach Notification, Data Security, Fraud Management & Cybercrime Now-Dormant Gang Claimed North Carolina, Florida Groups on Data Leak Site This Year Marianne Kolbasuk McGee (HealthInfoSec) • September 22, 2025 Goshen Medical Center, with 38 locations in North Carolina, is among the two healthcare providers reporting significant hacks allegedly executed…
Recent findings from cybersecurity firm Silent Push indicate that Russian ransomware groups have introduced a sophisticated new threat known as CountLoader. This malware is not merely a conventional virus; it functions as a loader, specifically designed to infiltrate devices and install more dangerous software, including ransomware. CountLoader serves as a…
On Wednesday, the European General Court imposed a fine on the European Commission, the key executive body of the European Union responsible for law enforcement and proposal, for breaching its own stringent data privacy regulations. This ruling represents a significant first, holding the Commission accountable for violating established data protection…
Data Breach at Stellantis Exposes Customer Information Stellantis, a prominent multinational automaker with brands like Chrysler, Jeep, and Fiat, has reported a data breach that implicates customer information following unauthorized access to a third-party service provider. This incident raises significant concerns regarding data security practices within the automotive industry and…
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert concerning a resurgence in cyber activity from the organized criminal group known as UAC-0173. This group is reportedly employing a remote access trojan called DCRat (also referred to as DarkCrystal RAT) to infiltrate systems. This recent campaign, which…
A recent report reveals that three splinter groups from the infamous Conti cybercrime organization have adopted call back phishing as a primary method for breaching targeted networks. This technique marks a significant shift in their approach to cyberattacks. Cybersecurity firm AdvIntel disclosed in a Wednesday report that these three independent…
Agentic AI, Artificial Intelligence & Machine Learning, Governance & Risk Management Shilpa Sawant Discusses the Internal Risks Posed by Autonomous AI Agents Suparna Goswami (gsuparna) • September 22, 2025 Shilpa Sawant, Vice President, Sumitomo Mitsui Banking Corporation Autonomous artificial intelligence agents are transforming the landscape of insider threats by functioning…
