Operation RoundPress, conducted by the Russian-aligned group Fancy Bear, exploits vulnerabilities in webmail servers to extract sensitive data from entities linked to the Ukraine conflict and beyond.
A critical security vulnerability in SAP’s NetWeaver Visual Composer, tracked as CVE-2025-31324, has been actively exploited by ransomware groups and Chinese state-sponsored actors, allowing for unauthorized file uploads and potential Remote Code Execution.
As cyber threats become more sophisticated, Chief Information Security Officers must adapt their strategies to protect both businesses and executives while fostering a culture of cyber resilience.
In 2024, newly discovered vulnerabilities in Linux and macOS surged by 61%, with Linux vulnerabilities increasing by 967% and exploited vulnerabilities nearly doubling, highlighting a significant escalation in cybersecurity risks.
The ransomware ecosystem has become increasingly fragmented and mistrustful among cybercriminal groups, leading to a more unpredictable threat environment for organizations worldwide.
Coinbase has launched a $20 million reward program for information leading to the identification and arrest of cybercriminals who breached its customer support system, affecting less than 1% of its users.
Websites must implement robust security measures to safeguard against online threats and proxy abuse, which can lead to fraudulent activities, security breaches, and service disruptions.
Marks & Spencer suffered a significant ransomware attack attributed to the hacking group Scattered Spider, resulting in operational disruptions, financial losses, and compromised customer data.
Microsoft’s May 2025 Patch Tuesday updates resolve 72 vulnerabilities, including five actively exploited zero-day flaws that pose significant security risks across various Microsoft products.
The MITRE CVE program, crucial for vulnerability management, received an 11-month contract extension from CISA after concerns over its funding, while the European agency ENISA launched the EUVD to enhance vulnerability tracking and reduce reliance on a single source.
