Browsing: Threats and Vulnerabilities

Harvard, Dartmouth Confirm Data Breaches

Kirsten DoyleNovember 26, 20255 Mins Read

Harvard University has disclosed a vishing attack that exposed the personal information of students, parents, alumni (and some of their spouses, partners),…

Logitech Breach Validates Fears: Oracle EBS Zero-Day Is Triggering a Supply-Chain Meltdown

Kirsten DoyleNovember 19, 20256 Mins Read

Logitech has confirmed it suffered a data-theft breach tied to a zero-day in a third-party platform, days after the Clop extortion gang…

No Identity, No Trust: Governing AI in the Age of Autonomy

Jordi ClementNovember 13, 20256 Mins Read

In early 2024, a financial services company discovered their AI customer service agent had accessed and potentially exposed sensitive account…

Quantum Route Redirect: The New One-Click Phishing Engine Targeting Microsoft 365 Users Worldwide

Kirsten DoyleNovember 12, 20254 Mins Read

Cybercrooks are getting an upgrade. KnowBe4 Threat Lab has uncovered Quantum Route Redirect, a new phishing platform that’s upping the…

Federated Threat: Scattered LAPSUS$ Hunters Marks New Era of Cybercrime Collaboration

Kirsten DoyleNovember 7, 20258 Mins Read

A new cybercrime alliance is taking shape. The emerging collective (combining three of the most notorious groups, Scattered Spider, LAPSUS$,…

Evidence Beats the Odds: How Exposure Validation Reframes Security Decision-Making

Süleyman ÖzarslanNovember 4, 20254 Mins Read

Inside many security programs, security teams are handed a finite stack of chips — time, staff, and budget — and…

The Hidden Superpower of Policy in Vulnerability and Patch Management

Gene MoodyNovember 3, 20256 Mins Read

What’s the first thing you think of when you hear “vulnerability management”? The focus may be on tools, CVSS scores,…

Under the Surface: Subtle Ways Cyberattacks Cripple Manufacturing

Lou FarrellOctober 24, 20255 Mins Read

Cyberattacks in the manufacturing sector are evolving faster than many organisations can adapt. While high-profile threats like ransomware and DDoS…

Cybersecurity Awareness Month 2025: Stay Safe Online — Part Two

Kirsten DoyleOctober 24, 202515 Mins Read

When we shared the first article in this series, the response was overwhelming. From security professionals to everyday users, one…

ToolShell Used to Compromise Telecoms, Hit Governments

Kirsten DoyleOctober 23, 20254 Mins Read

A zero-day that Microsoft patched in July remained active long after the fix. China-based attackers weaponized the SharePoint “ToolShell” flaw…