AI in Retail Crime: A Double-Edged Sword As cybercriminals increasingly leverage artificial intelligence (AI) to enhance organized retail crime (ORC) and evade detection, defenders are urged to harness similar technologies for protective measures. In a recent interview with Information Security Media Group, Jackie Deloplaine from RH-ISAC and Derek Dykens of…
Cybersecurity Update: Rising Threats and Emerging Vulnerabilities In the ever-evolving landscape of cybersecurity, unpatched systems, weak passwords, and neglected plugins serve as gateways for attackers. As supply chains intertwine deeply with the software we depend on, malware is increasingly hidden within seemingly benign avenues, including job offers and cloud services.…
Google Alerts Users to Global Gmail Data Breach Risks In a recent alert, Google has issued a worldwide warning regarding a significant data breach affecting Gmail users. The tech giant is drawing attention to potential vulnerabilities that could have exposed sensitive information, a pressing concern for professionals and business owners…
Recent activity has revealed that cybercriminals are actively exploiting security vulnerabilities in GeoVision’s end-of-life Internet of Things (IoT) devices. This alarming trend is being leveraged to recruit these devices into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. Initial observations made by the Akamai Security Intelligence and Response Team…
Southeast Asian Governments Targeted in Ongoing Cyber Espionage by Sharp Panda A sophisticated cyber espionage campaign has emerged, focusing on high-profile government entities across Southeast Asia, with the Chinese threat actor known as Sharp Panda at the forefront. This activity has reportedly intensified since late last year, evolving away from…
Mandy Andress: Visionary Leader in Cybersecurity CISO, Elastic Mandy Andress serves as the Chief Information Security Officer (CISO) at Elastic, bringing with her a wealth of experience in information risk management and cybersecurity. Her career journey includes pivotal roles where she spearheaded information security initiatives at MassMutual and played a…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported a significant security vulnerability affecting CrushFTP, now cataloged as a Known Exploited Vulnerability following active exploitation incidents. The flaw, identified as an authentication bypass, allows unauthenticated attackers to gain control of vulnerable instances, raising serious concerns among cybersecurity professionals. This…
TransUnion Cyberattack Exposes Personal Data of 4.4 Million Consumers TransUnion, one of the United States’ primary credit reporting agencies, has reported a cyberattack that has compromised the sensitive personal information of over 4.4 million U.S. consumers. This breach, confirmed on July 30, originated due to vulnerabilities in a third-party application…
SysAid IT Support Software Vulnerabilities Expose Businesses to Remote Code Execution Risks Cybersecurity experts have revealed critical security vulnerabilities in the on-premise version of SysAid IT support software, presenting significant risks for organizations using this platform. These vulnerabilities, identified as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, enable attackers to execute remote commands…
