Signal Implements Block on Microsoft Recall Screenshots for Windows 11 Users
Signal has made significant enhancements to its Windows application aimed at safeguarding user privacy by preventing Microsoft’s AI-driven Recall feature from capturing screenshots of Signal conversations. This newly introduced…

Sensitive Personal Data Compromised in West Lothian Ransomware Incident
West Lothian Council has reported a significant data breach involving the theft of both personal and sensitive information from its education network. On May 21, the council updated stakeholders…

FBI Issues Alert on AI-Driven Impersonation Tactics Targeting Senior Officials
The FBI has issued a warning regarding an ongoing malicious campaign involving text and voice messages that impersonate high-ranking U.S. officials.

This campaign primarily targets current and former federal…

The Automation Challenges in Identity Security: A Complex Issue Requiring Immediate Attention
For numerous organizations, identity security may seem adequately managed. On surface inspection, all indicators appear satisfactory. However, recent research by Cerby, derived from insights from over 500 IT and…

Critical Security Vulnerabilities in Versa Concerto Enable Authentication Bypass and Remote Code Execution
Critical vulnerabilities have been identified in the Versa Concerto platform, which remain unpatched and pose significant risks. These vulnerabilities could enable remote attackers to bypass authentication mechanisms and execute…

Critical Zero-Day Vulnerabilities Identified in Versa Networks SD-WAN/SASE Platform
Three critical vulnerabilities have been identified in Versa Concerto, which serves as the orchestration platform for Versa Networks’ Software-Defined Wide Area Network (SD-WAN) and Secure Access Service Edge (SASE)…

Adolescent Individual Confesses to Extortion Related to PowerSchool Data Breach
A 19-year-old college student has pleaded guilty to charges of cyber extortion related to an incident involving PowerSchool, a prominent education technology company. This act included the unauthorized access…

Texas Physician Convicted for Fraudulent Patient Diagnoses Related to Insurance Scheme Receives 10-Year Prison Sentence
Concerns surrounding the misuse of patient information and the manipulation of medical records for fraudulent activities have become increasingly prevalent. A recent case highlights the gravity of these issues,…

Stalkerware Applications Cease Operation Following Data Breach
A stalkerware company that recently faced significant data breaches has abruptly removed all its online assets, including various applications, with no official explanation provided. Recent investigations have revealed further…

Exploitation of Ivanti EPMM Vulnerabilities by Chinese Cyber Actors in Global Enterprise Network Intrusions
A recently addressed pair of security vulnerabilities within Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-based threat actor targeting various sectors across Europe, North America,…

FTC Concludes Mandate for GoDaddy to Enhance Security Protocols for Hosting Services
The U.S. Federal Trade Commission (FTC) has finalized an order that requires GoDaddy, a leading web hosting provider, to enhance the security of its services. This decision comes as…

Global Law Enforcement Agencies and Microsoft Disrupt Over 2,300 Lumma Stealer Domains
Microsoft has partnered with global law enforcement agencies to disrupt the infrastructure associated with one of the most prominent infostealer operations, Lumma Stealer. Between March 16 and May 16,…

Leak of VanHelsing Ransomware Builder Discovered on Cybersecurity Forum
The VanHelsing ransomware-as-a-service operation has recently made significant operational changes by releasing the source code for its affiliate panel, data leak blog, and Windows encryptor builder. This move follows…

Disruption of Lumma Information Stealer Infrastructure
The US Department of Justice (DOJ) and Microsoft have jointly disrupted the Lumma information stealer’s infrastructure. Lumma, also referred to as LummaC or LummaC2, has rapidly emerged since its…

Significant Vulnerability in Windows Server 2025 dMSA Poses Risk of Active Directory Compromise
A recently identified privilege escalation vulnerability in Windows Server 2025 poses significant risks to organizations utilizing Active Directory (AD). This flaw allows attackers to compromise any user account within…

Chinese Hackers Exploit Cityworks Zero-Day Vulnerability to Compromise U.S. Local Government Systems
Chinese-speaking cyber adversaries have successfully exploited a now-resolved zero-day vulnerability in Trimble Cityworks, affecting multiple local government entities across the United States.

Trimble Cityworks is a Geographic Information System…

Coinbase Data Breach Impacted Nearly 70,000 Customers
The recent breach at Coinbase has had significant implications, affecting approximately 70,000 customers. This alarming development was officially reported by the cryptocurrency exchange in a data breach notification submitted…

Opexus Breach Identified as Primary Catalyst in Significant Federal Data Compromise
This breach may not be the largest insider breach of 2025; however, it holds the potential to be one of the most significant in terms of impact. Reports indicate…

Webinar: Developing a Robust and Legally Defensible Cybersecurity Program
It’s imperative that organizations not only ensure their cybersecurity measures are in place but also demonstrate their effectiveness within the current legal landscape. The complexities of cybersecurity now require…

Ivanti EPMM Vulnerability Exploited by Advanced Persistent Threat Actors to Compromise Government Entities
Chinese state-sponsored threat actors have been exploiting a significant remote code execution vulnerability within Ivanti Endpoint Manager Mobile (EPMM), affecting various governmental and high-profile organizations globally. The vulnerability, designated…