On March 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the inclusion of a high-severity vulnerability in its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability is associated with a supply chain compromise affecting the GitHub Action known as tj-actions The vulnerability, identified as CVE-2025-30066, has been assigned…
A notorious Russia-based cyber espionage group known as APT29 has reportedly exploited a less common Windows feature called Credential Roaming following a successful phishing operation targeting an unmentioned European diplomatic organization. The strategic focus on diplomatic targets aligns with APT29’s historical modus operandi, demonstrating their commitment to gathering intelligence that…
Agentic AI, Application Security, Artificial Intelligence & Machine Learning Acquisition Enhances GenAI User Protection with AI Agent Safeguards Michael Novinson (MichaelNovinson) • September 16, 2025 Check Point Chief Strategy Officer Roi Karo and Lakera CEO David Haber (Images: Check Point) Check Point Software has acquired Lakera, a startup focused on…
When disposing of a burner phone, it is crucial to do so responsibly. “At the end of its useful life, take necessary precautions to eliminate data, remove SIM and memory cards, and ensure you do not leave behind a security vulnerability,” advises Al-Maskati from Access Now. Considering an Alternative Phone…
This week’s cybersecurity update delves into various evolving threats, including a sophisticated phishing technique used by Russian threat actors. Covering issues from device code phishing to cloud-based attacks, this summary transforms complex technicalities into comprehensible insights, tailored for tech-savvy professionals. ⚡ Threat of the Week The recent disclosure from Microsoft…
Data Breach at FinWise Bank Exposes Sensitive Information of 689,000 Customers FinWise Bank, a community bank based in Utah, has reported a significant data breach involving the unauthorized access of sensitive customer information by a former employee, occurring after the individual’s employment had ended. The breach was initially detected on…
In a significant cybersecurity revelation, researchers have identified two severe vulnerabilities affecting mySCADA’s myPRO, a Supervisory Control and Data Acquisition (SCADA) system widely utilized in operational technology environments. This discovery poses a critical security threat, as these flaws could enable malicious actors to gain unauthorized control over affected systems, as…
Recent cybersecurity investigations have unveiled that hackers affiliated with the North Korean government are employing a revamped variant of the backdoor malware known as Dtrack. This malware is specifically targeting a diverse array of sectors across multiple countries, including Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey, and the…
Cybercrime, Fraud Management & Cybercrime, Geo Focus: The United Kingdom Escalating Economic Impact on Jaguar Land Rover and Its Suppliers Akshaya Asokan (asokan_akshaya) • September 16, 2025 Image: Shutterstock Jaguar Land Rover, a leading British automotive manufacturer, has announced an extension of its production pause until late September, marking the…
