
CISA Urged to Enhance KEV Catalog with Contextual Information
Application security provider OX has called on the US Cybersecurity and Infrastructure Security Agency to improve its Known Exploited Vulnerabilities catalog by adding more contextual data to better assess the risks associated with listed vulnerabilities, particularly in cloud environments.
View full story…

Australia Implements Mandatory Ransomware Payment Reporting Rules
Australia will require organizations with annual turnovers exceeding AUS $3 million to report ransomware payments within 72 hours starting May 30, 2025, aiming to enhance cybersecurity transparency and accountability.
View full story…

US Banking Industry Pushes to Repeal SEC Cybersecurity Disclosure Rule
The US banking sector is lobbying for the repeal of a cybersecurity rule requiring public companies to disclose significant incidents within four days, arguing it complicates compliance and may jeopardize security efforts.
View full story…

Coinbase Global Suffers Major Cybersecurity Breach Affecting 69,000 Customers
In May 2025, Coinbase Global experienced a significant cybersecurity breach that compromised the data of over 69,000 customers, leading to an estimated loss of up to $400 million and prompting investigations and legal actions against involved parties.
View full story…
Latest Cybernews

Victoria’s Secret Faces Major Cybersecurity Incident Disrupting E-Commerce Operations
Victoria’s Secret is grappling with a significant cybersecurity incident that has rendered its e-commerce website inoperable, impacting online orders and internal systems, while investigations into a potential ransomware threat are underway.
View full story…

Apple’s Safari Vulnerability Enables Fullscreen Phishing Attacks
A critical security flaw in Apple’s Safari web browser has led to the emergence of a sophisticated phishing technique known as the Fullscreen Browser-in-the-Middle (BitM) attack, which exploits the browser’s Fullscreen API to deceive users and steal credentials.
View full story…

The Industrialization of Ransomware: A Growing Threat to Security Operations Centers
The rise of Ransomware-as-a-Service (RaaS) and the use of cryptocurrencies have transformed ransomware into a sophisticated criminal enterprise, significantly impacting Security Operations Centers (SOCs) and leading to high-profile attacks that cause substantial financial and reputational damage.
View full story…

Email Domains Vulnerable to Spoofing Threaten Cybersecurity
Over 90% of the world’s top email domains are susceptible to spoofing, enabling cybercriminals to execute sophisticated phishing attacks, with only 7.7% adopting strict DMARC policies to combat these threats.
View full story…

ConnectWise Cyber-Attack Highlights Vulnerabilities in MSP Tools
A recent cyber-attack on ConnectWise, attributed to nation-state actors from China and Russia, exploited the CVE-2024-1709 vulnerability, leading to unauthorized access to its ScreenConnect cloud infrastructure.
View full story…

Sophisticated Remote Access Trojan Evades Detection Through Advanced Evasion Techniques
Fortinet’s investigation reveals a sophisticated Remote Access Trojan that operated undetected for weeks, utilizing advanced evasion techniques and secure connections to a command-and-control server.
View full story…
Latest Cybernews

UK Healthcare Organizations Targeted in Cybersecurity Incident
Two prominent UK healthcare organizations were attacked due to a vulnerability in Ivanti Endpoint Manager Mobile, raising concerns about the potential exposure of sensitive information.
View full story…

Malicious Campaign Distributes Malware via Spoofed Bitdefender Website
A spoofed website mimicking Bitdefender’s legitimate page is distributing malware, including VenomRAT, StormKitty, and SilentTrinity, posing significant threats to users’ sensitive information.
View full story…

Czech Republic Accuses China of Cyber-Espionage Against Foreign Ministry
The Czech Republic has formally accused China of orchestrating a cyber-espionage campaign targeting its Ministry of Foreign Affairs, attributed to the APT31 group, raising significant concerns over state-sponsored cyber activities and international relations.
View full story…