A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan

The Cyber Security Breaches Survey 2025 has been released by the UK Home Office and DSIT today, reporting a slight decline in incidents compared to 2024 report

CISOs are more stressed than ever before – but why is this and what can be done?

With anyone now able to launch an attack, the Phishing as a Service industry is booming

While small businesses are improving cybersecurity practices, high-income charities are getting worse

The most damaging attacks continue to be ransomware, but financial fraud claims are more numerous — and both are driven by increasing third-party breaches.

With $4.4 billion in worldwide data breach fines in 2024, the cost of not knowing who's walking into your systems is devastating.

Developing strong incident response plans remains an area that requires significant improvement. Here are some shortcomings and how to address them.

Researchers characterize the company's artificial intelligence chatbot as less secure than ChatGPT and even DeepSeek.

Gladinet's platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.

Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.

An executive order is targeting former Trump appointees, including former CISA director Chris Krebs and his current coworkers, in the latest in a series of directives against those who dissented against the president and his associates.

Security experts weigh in on the problem Salt Typhoon and its hacking of telecoms poses against the United States, including what the US should do and how defenders can protect themselves.

Malicious packages lurking on open source repositories like npm have become less effective, so cyberattackers are using a new strategy: offering "patches" for locally installed programs.

Failing to distinguish between data privacy and data security leaves businesses vulnerable to regulatory scrutiny and the kinds of breaches that erode consumer trust overnight.

Darktrace researchers detailed "spam bombing," a technique in which threat actors bombard targets with spam emails as a pretense for activity like social engineering campaigns.