Chief Information Security Officers are advised to consolidate security tools and simplify communication strategies to effectively navigate budget constraints and evolving cybersecurity threats.
As organizations increasingly integrate agentic AI systems with autonomous capabilities, significant security vulnerabilities emerge, including prompt injection and model inversion, highlighting the need for robust governance and security measures.
Acreed has quickly risen to prominence in the dark web’s stolen credential market, surpassing competitors and posing a significant threat to various sectors after the takedown of Lumma Stealer.
The hacker group Scattered Spider has launched a series of cyber-attacks against prominent UK retailers, including M&S and Harrods, exploiting vulnerabilities through sophisticated social engineering techniques and resulting in significant financial losses and data breaches.
The threat group JINX-0132 is targeting misconfigured HashiCorp Nomad and other DevOps tools to conduct cryptojacking attacks, leveraging exposed APIs and vulnerabilities to deploy malicious mining operations.
The FBI and the Department of the Treasury have imposed sanctions on Funnull Technology Inc and its administrator Liu Lizhi for their involvement in a global cryptocurrency investment fraud scheme, resulting in over $200 million in losses for American victims.
Application security provider OX has called on the US Cybersecurity and Infrastructure Security Agency to improve its Known Exploited Vulnerabilities catalog by adding more contextual data to better assess the risks associated with listed vulnerabilities, particularly in cloud environments.
Australia will require organizations with annual turnovers exceeding AUS $3 million to report ransomware payments within 72 hours starting May 30, 2025, aiming to enhance cybersecurity transparency and accountability.
The US banking sector is lobbying for the repeal of a cybersecurity rule requiring public companies to disclose significant incidents within four days, arguing it complicates compliance and may jeopardize security efforts.
In May 2025, Coinbase Global experienced a significant cybersecurity breach that compromised the data of over 69,000 customers, leading to an estimated loss of up to $400 million and prompting investigations and legal actions against involved parties.
