One Foothold, 25 Million Victims: The Risk Inside Modern Breaches
Recent cyber incidents highlight how a single foothold can expose tens of millions of records. The Conduent Business Services breach grew to over 25 million victims, with attackers retaining access for nearly three months and exfiltrating 8.5 TB of data. Parallel attacks on hospitals and a CVSS 10.0 firewall vulnerability demonstrate rapid lateral movement and ransomware‑as‑a‑service tactics, while state‑linked groups like Lazarus merge geopolitical tools with criminal extortion. Experts stress that breach readiness, especially microsegmentation and least‑privilege controls, determines whether an intrusion remains contained or escalates into a multi‑million‑record disaster.
The Hidden Price Tag: Uncovering Hidden Costs in Cloud Architectures with the AWS Well-Architected Framework
Organizations adopting AWS often overlook hidden costs tied to security breaches, downtime, and over‑provisioned resources. The AWS Well‑Architected Framework, together with the Cloud Adoption Framework, offers a structured set of best practices across six pillars to identify and remediate high‑risk...
APTs and Industrial Cybersecurity in the Wake of the Attack on Iran
Advanced Persistent Threat (APT) groups, often backed by nation‑states, are intensifying attacks on industrial control systems worldwide. Dragos reports that only about 10 % of critical infrastructure facilities have continuous monitoring, leaving most OT environments exposed. Iranian‑backed actors such as IRGC‑affiliated...
NDSS 2025 – Be Careful Of What You Embed: Demystifying OLE Vulnerabilities
Researchers from Huazhong University, Waterloo and Sangfor presented a paper at NDSS 2025 exposing critical weaknesses in Microsoft Office’s Object Linking & Embedding (OLE) framework. Their tool, OLExplore, performed dynamic analysis of historic OLE flaws and uncovered 26 confirmed vulnerabilities,...
LexisNexis Confirms Data Breach as Hackers Leak Stolen Files
LexisNexis Legal & Professional confirmed a breach after hackers exploited an unpatched React frontend, using the React2Shell vulnerability to access its AWS environment. The threat actor FulcrumSec leaked over 2 GB of data, including 21,042 customer accounts, 45 attorney password hashes,...
Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability
Security researcher Gjoko Krstic disclosed a high‑risk flaw in Honeywell's IQ4 building‑management controller, claiming the web‑based HMI is unauthenticated by default and can be exploited to create admin accounts. He identified roughly 7,500 internet‑exposed devices, with about 20% lacking authentication,...
Zero Trust Implementation Roadmap: 5 Stages From Legacy to Modern Security
The article outlines a five‑stage roadmap for Zero Trust adoption, beginning with a thorough identity assessment and progressing through identity foundation, device trust, application access modernization, network segmentation, and continuous validation. Each stage includes concrete milestones such as 100% MFA enforcement,...
Western Allies Form 6G Security Coalition Amid Tech Rivalry with China
Western and Indo‑Pacific allies launched the Global Coalition on Telecoms (GCOT) at Mobile World Congress, uniting the United States, United Kingdom, Canada, Japan, Australia, Sweden and Finland. The coalition released a set of voluntary security and resilience principles designed to...
Josys Centralizes Identity Data to Replace Manual IT Oversight with Automated Governance
Josys has evolved into an autonomous identity governance platform that centralizes identity data from any source into a single AI‑driven system. The solution automates access reviews, lifecycle updates, and over‑permissioned user remediation, eliminating manual IT oversight. Its AI Integration Builder...
Tonic Structural vs Informatica: Which Is Better for Test Data Management?
The article compares Tonic Structural and Informatica for test data management, highlighting that both generate privacy‑safe data but differ in deployment models and feature focus. Informatica is shifting to a cloud‑first strategy after its Salesforce acquisition, limiting on‑premises options, while...
CertSIGN and Lissi Partner to Accelerate EUDI Wallet Rollout in Romania
Romanian qualified trust services provider certSIGN has partnered with German digital‑identity specialist Lissi to bring the European Digital Identity (EUDI) Wallet to Romania. The deal combines certSIGN’s PKI‑based trust services with Lissi’s EUDI Wallet Connector API, offering eIDAS‑compliant integration for...
Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion
A leaked database from Iranian exchange Ariomex shows the platform may have facilitated sanctions evasion and large capital transfers between 2022 and 2025. The data, analyzed by Resecurity, identified 27 users with potential sanctions matches and revealed that 70% of...
DeepKeep Launches AI Agent Attack Surface Scanner to Map Enterprise Risk
DeepKeep Ltd. unveiled its AI Agent Scanner, a tool that maps the attack surface of generative AI agents within enterprise workflows. The solution provides instant visibility into agents' tool and data access, visual risk maps, and identifies potential vulnerabilities. It...
Secure by Design: Building Security in at the Beginning
Secure by Design is a holistic methodology that embeds security from the earliest stages of system and software conception, shifting protection from a reactive afterthought to a proactive design principle. CIS and SAFECode collaborate to provide measurable guidance, translating standards...
Archipelo and Checkmarx Announce Partnership Connecting AppSec Detection with DevSPM
Archipelo and Checkmarx announced a technical partnership that links application vulnerability findings with development‑origin context. The integration combines Archipelo’s Developer Security Posture Management (DevSPM) with Checkmarx’s Application Security Posture Management (ASPM) to surface who, how, and whether AI tools contributed...
'The Attack Requires No Exploit, No User Clicks, and No Explicit Request Forsensitive Actions': Experts Say Perplexity's AI Comet Browser...
Security researchers at Zenity have disclosed a zero‑click prompt‑injection vulnerability, dubbed “PleaseFix,” in Perplexity AI’s Comet browser. The flaw lets attackers embed malicious prompts in seemingly benign calendar invites, causing the AI to read local files and exfiltrate passwords without...
Evolving Cloudflare’s Threat Intelligence Platform: Actionable, Scalable, and ETL-Less
Cloudflare has launched a cloud‑first Threat Intelligence Platform (TIP) that eliminates traditional ETL pipelines using a sharded, SQLite‑backed architecture running on the edge. Threat events are distributed across thousands of Durable Objects, delivering sub‑second GraphQL queries and real‑time visualizations. The...
DataDome Launches Enhanced Partner Program Built for Depth
DataDome unveiled an enhanced Partner Program that unites resellers, technology alliances, and cloud partners to deliver comprehensive bot‑mitigation solutions. The program introduces three reseller tiers—Authorized, Growth, and Strategic—each with specific margins, enablement milestones, and co‑selling benefits, plus a new partner...
Finally, CTEM and MITRE INFORM Without the Jargon
The new "CTEM + MITRE INFORM Guide for Dummies" offers a jargon‑light introduction to Continuous Threat Exposure Management (CTEM) and its integration with MITRE’s INFORM maturity model. It explains how CTEM shifts security from point‑in‑time assessments to continuous validation of...
Cato Networks Unveils Dynamic Prevention to Stop Stealthy, Long-Running Cyberattacks
Cato Networks has introduced Dynamic Prevention, an auto‑adaptive threat prevention engine built into its SASE platform. The service continuously correlates months of networking and security sensor data to spot low‑signal malicious behavior that blends with legitimate activity. When a threat...
New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security
A new phishing‑as‑a‑service framework called Starkiller proxies real login pages of major brands, delivering authentic HTML, CSS, and JavaScript to victims. By running a headless Chrome instance inside Docker, it captures credentials and, crucially, steals MFA session cookies after users...
Brian Harrell — Top Cybersecurity Leaders 2026
Brian Harrell, former DHS Assistant Secretary and current Chief Security Officer at Avangrid Energy, is highlighted as a top cybersecurity leader for 2026. He oversees a converged security portfolio that includes IT/OT cyber, physical security, privacy, fire protection, and business...
Dr. Bryan Stoker — Top Cybersecurity Leaders 2026
Dr. Bryan Stoker, a third‑degree Taekwondo black belt and former NSA senior leader, has become Chief Technology Officer at Dispersive Holdings. He spent over 40 years at the NSA and three years as USCYBERCOM J2 technical director, where he built...
AI Agent Overload: How to Solve the Workload Identity Crisis
Zscaler will address the growing workload identity crisis at RSAC 2026, focusing on AI agents and other non‑human identities that span multi‑cloud and on‑prem environments. The session will expose prevalent insecure practices such as static IP mapping and unrotated keys, and...
Malvertising Actor ‘D-Shortiez’ Exploits WebKit Back-Button Hijack in Forced-Redirect Campaign
A threat group known as D‑Shortiez has launched a malvertising campaign that exploits a WebKit flaw to hijack the back button in Safari and other iOS browsers. The malicious JavaScript injects a fake history entry and binds a redirect to...
AI Doubled Auto Industry Cyberattacks: Upstream
Upstream’s 2026 Global Automotive and Smart Mobility Cybersecurity Report shows that cyberattacks on the auto sector more than doubled in 2025, driven by AI‑enabled vehicle architectures and expanding API exposure. Ransomware accounted for 44% of incidents, the fastest‑growing threat, while...
Bybit Claims New Fraud System Stopped $300M of Risky Withdrawals in Q4 2025
Bybit rolled out an AI‑assisted risk monitoring system that flagged about $500 million in withdrawal requests during Q4 2025, ultimately blocking $300 million in suspected scam‑related withdrawals. The platform protected more than 4,000 users with real‑time alerts and identified 350 high‑risk fraud addresses,...
Zerobot Malware Exploits Tenda Command Injection Vulnerabilities to Deploy Malicious Payloads
A new Zerobot campaign is weaponizing two critical flaws – CVE‑2025‑7544 in Tenda AC1206 routers and CVE‑2025‑68613 in the n8n workflow‑automation platform – to deliver a Mirai‑derived payload called Zerobotv9. The exploit chain uses simple HTTP requests or malicious workflow...
Huge “Shadow Layer” Of Organizations Hit by Supply Chain Attacks
Black Kite’s 2025 Third‑Party Breach Report reveals a massive "shadow layer" of supply‑chain attacks, with 136 verified breaches exposing 719 downstream companies and 433 million individuals. Vendors reported an additional 26,000 unnamed corporate victims, suggesting even higher impact. Software‑services providers accounted...
Star Citizen Game Dev Discloses Breach Affecting User Data
Cloud Imperium Games disclosed a security breach on January 21, 2026 that exposed basic account information of an undisclosed number of Star Citizen users. The compromised data included usernames, email addresses, dates of birth and names, but no passwords, financial...
Detego Global Achieves ISO 27001:2022 Certification, Reinforcing Commitment To Information Security
Detego Global, a developer of digital forensics and endpoint monitoring solutions, has earned ISO 27001:2022 certification after a 12‑month audit. The certification validates the company’s Information Security Management System across its software, hardware, and support services. It provides independent assurance that...
Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems
Hackers are turning Telegram into a live marketplace for stolen VPN, RDP and cloud credentials, accelerating initial access to corporate networks. Threat actors harvest stealer logs, post searchable credential feeds, and negotiate sales in private chats, cutting the gap between...
Open Cyber Standards Key to Cross-Platform Integration
Enterprises are turning to open cyber standards to break the cycle of vendor lock‑in that has plagued multi‑year managed service contracts and early hyperscale cloud deployments. By adopting protocols such as OAuth, OpenID and RESTful APIs, organizations can achieve true...
Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Iran‑linked threat actor Dust Specter launched a sophisticated phishing campaign against Iraqi government officials in January 2026, masquerading as the Ministry of Foreign Affairs. The operation deployed previously unseen malware families—including SplitDrop, TwinTask, TwinTalk and GhostForm—some of which were assembled with...
Home Routers in Singapore Must Meet Higher Security Standards by 2027
Singapore’s Cyber Security Agency and IMDA will raise mandatory security standards for residential routers to Cybersecurity Labelling Scheme (CLS) Level 2 by the end of 2027. The move follows a 2025 cyber‑operation that uncovered over 2,700 compromised devices, including routers, feeding...
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft warned that threat actors are exploiting OAuth redirect functionality to deliver malware to government and public‑sector targets. The attackers create malicious applications with rogue redirect URLs, send phishing emails containing crafted OAuth links, and use an invalid scope to...
Cloud Architects Earn the Highest Salaries
Cloud architects remain the most in‑demand cloud role, commanding total compensation often exceeding $200,000. Their core value lies in translating business intent into secure, cost‑controlled designs that scale across dozens of teams. While many organizations can spin up workloads quickly,...
What Are Biometric IDs? What Are the Risks?
Across Africa, governments are rolling out biometric digital ID systems to streamline access to voting, healthcare, education and social protection. A new report by the African Digital Rights Network, based on ten country case studies, finds millions excluded due to...
Secure Agility Sets Sights on AI, Security, IoT and Telco-Led Growth in 2026
Secure Agility, a Sydney‑based tech services firm with roughly 100 staff and $70 million in annual revenue, is shifting from a low‑profile engineering focus to aggressive customer acquisition and national expansion. The company now offers production‑ready AI, IoT and cybersecurity platforms,...
GM Is Facing A Lawsuit Over Selling Drivers' Onstar Data
Iowa Attorney General has filed a lawsuit against General Motors alleging the automaker sold driver location and personal data collected through its OnStar telematics service without consent. The complaint expands on earlier actions, accusing GM of selling the information to...
Substantially Reduce Your PCI DSS Control Burden Through Inherited Infrastructure
Upsun introduces an "Inherited Compliance" model that shifts most PCI DSS infrastructure responsibilities to its secure‑by‑default cloud platform. Automated patch deployment and built‑in change logs keep the environment continuously compliant without manual effort. By defining the entire stack in a...
Forensic IT Takes on Chris Hatfield as Exec General Manager
Infotrust subsidiary Forensic IT has appointed Chris Hatfield as executive general manager. Hatfield, a former managing director at FTI Consulting with 26 years of forensic and service experience, will lead the firm’s national digital forensics and incident response (DFIR) expansion....
Evoke Wellness at Hilliard Updates Its Breach Notification
Evoke Wellness at Hilliard submitted a confusing breach notification to the Maine Attorney General, claiming a July 2024 insider incident was only discovered in August 2025 and affecting 261 patients. Earlier reports documented a former employee stealing data in 2024, with 240‑plus...
How Healthcare Organizations Can Build Ransomware Resilience
Scott Doerr, virtual CISO at Fortified Health Security, will present a session on ransomware resilience at HIMSS 2026. He outlines a phased approach that moves ransomware from a reactive crisis to a managed operational risk, emphasizing assessment, planning, simulation, execution,...
The Tug-of-War Over Firewall Backlogs in the AI-Driven Development Era
Developers and security teams are clashing over mounting firewall rule backlogs as AI‑driven development accelerates. Aviatrix reports up to 3,000 pending requests with approval cycles of two to four weeks, forcing developers to idle. Cloud adoption has turned static IP‑based...
The FBI’s Cyber Chief Is Using Winter SHIELD to Accelerate China Prep, Threat Intelligence Sharing
The FBI’s cyber division, led by Brett Leatherman, has launched Operation Winter SHIELD to boost preparation for Chinese cyber threats, improve adversary contestation, and accelerate threat‑intelligence sharing with industry. The campaign spotlights ten practical security controls and combines regional events,...
Data From Insight Hospital and Medical Center Leaked on Dark Web
Insight Hospital and Medical Center disclosed that an unauthorized actor accessed its network from August 22 to September 11, 2025, compromising extensive personal and health data. The breach involved roughly 360 GB of files—about 900,000 records—including names, Social Security numbers, and medical images. On...
30 Alleged Members of 'The Com' Arrested in Project Compass
Europol’s Project Compass, launched in January 2025, has led to the arrest of 30 alleged members of the cyber‑extremist collective known as “The Com,” while identifying a further 179 participants across 28 partner nations. The operation targets a loosely organized network of...
Fake Google Security Site Uses PWA App to Steal Credentials, MFA Codes
A phishing campaign masquerading as a Google Account security page deploys a malicious Progressive Web App (PWA) to harvest one‑time passwords, cryptocurrency wallet addresses, and device data. The PWA, hosted on google‑prism.com, requests clipboard, notification, and location permissions, uses the...
Wisconsin K-12 District Hit by Weeklong Outage
The Denmark School District in Wisconsin experienced a five‑day internet outage after a reported cyber incident that appears to be a ransomware attack claimed by the group INC Ransom. The attackers say they encrypted roughly 70.76 GB of district data and posted...
