π¦Ώ Microsoft Switches to Passkeys By Default, Pledges to Eliminate Passwords π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Apple and Google also pledged to use the FIDO Alliances standard for biometric or PIN logins as opposed to passwords.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Microsoft Switches to Passkeys By Default, Pledges to Eliminate Passwords
Apple and Google also pledged to use the FIDO Allianceβs standard for biometric or PIN logins as opposed to passwords.
π1
π΅οΈββοΈ UK Retailers Reeling From Likely Ransomware Attacks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
UK Retailers Reeling From Likely Ransomware Attacks
A series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.
π΅οΈββοΈ What NY's New Security Rules Mean for Finance Firms π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
According to the New York Department of Financial Services, finance companies operating in New York even if not based there must implement a variety of protections against unauthorized access to IT systems.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
What NY's New Security Rules Mean for Finance Firms
According to the New York Department of Financial Services, finance companies operating in New York β even if not based there β must implement a variety of protections against unauthorized access to IT systems.
π1
π΅οΈββοΈ Attackers Ramp Up Efforts Targeting Developer Secrets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Software teams need to follow security best practices to eliminate the leak of secrets, as threat actors increase their scanning for configuration and repository files.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Attackers Ramp Up Efforts Targeting Developer Secrets
Software teams need to follow security best practices to eliminate the leak of secrets, as threat actors increase their scanning for configuration and repository files.
π΅οΈββοΈ Despite Arrests, Scattered Spider Continues High-Profile Hacking π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Despite Arrests, Scattered Spider Continues Hacking
While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.
ποΈ Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An Iranian statesponsored threat group has been attributed to a longterm cyber intrusion aimed at a critical national infrastructure CNI in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning a tactic often used to maintain persistent access for future.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ on Thursday announced charges against a 36yearold Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. Rami Khaled Ahmed of Sana'a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch nextstage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The names of the packages are listed below github.comtruthfulpharmprototransform github.comblankloggiagomcp github.comsteelpoortlsproxy "Despite appearing legitimate,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π TikTok Fined β¬530m Over Transfers of European User Data to China π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Irelands data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users data to China.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
TikTok Fined β¬530m Over Transfers of European User Data to China
Irelandβs data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European usersβ data to China
π1
π Ransomware Attacks Fall in April Amid RansomHub Outage π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang going dark.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attacks Fall in April Amid RansomHub Outage
Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang βgoing darkβ
π’ DDoS attackers are pouncing on unpatched vulnerabilities π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Who needs a new attack vector when you can exploit old, public, and welldocumented vulnerabilities?.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
DDoS attackers are pouncing on unpatched vulnerabilities
Who needs a new attack vector when you can exploit old, public, and well-documented vulnerabilities?
π΅οΈββοΈ How to Prevent AI Agents From Becoming the Bad Guys π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
When designed with strong governance principles, AI can drive innovation while maintaining the people's trust and security.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
How to Prevent AI Agents From Becoming the Bad Guys
When designed with strong governance principles, AI can drive innovation while maintaining the people's trust and security.
π€1
ποΈ β‘ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
What if attackers aren't breaking inthey're already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for longterm access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under new names. The real danger isnt just the breachits not knowing whos still lurking in your.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Lets be honest if you're one of the first or the first security hires at a small or midsize business, chances are you're also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. Youre not running a security department. You are THE security department. You're getting pinged about RFPs in one area, and reviewing phishing alerts in another, all while sifting.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to finetune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information," Recorded Future Insikt Group said. "TerraLogger, by contrast.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π SOC-as-a-Service Pricing Guide π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
When your provider stops delivering, its time for a change. This stepbystep guide shows you how to switch MSSP, MDR, MXDR... The post SOCasaService Pricing Guide appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
SOC-as-a-Service Pricing Guide
2025 SOC-as-a-Service Pricing Guide β Know What Youβre Paying For
π¦
Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences " dataimagecaption"Cyble Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences " datamediumfile"httpscyble.comwpcontentuploads202505CybleBlogsNCSC300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202505CybleBlogsNCSC1024x512.jpg" title"Cyberattacks Hit Leading UK Retailers as NCSC Urges Stronger Defences 1" Multiple cyberattacks have recently struck some of the UKs most iconic retailers, prompting concern from industry leaders and cybersecurity authorities. Among the affected organizations are Harrods, Marks Spencer, and the Coop, all of which have confirmed incidents targeting their digital infrastructure in late April and early May 2025. The UKs National Cyber Security Centre NCSC is c...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ποΈ Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a series of nowpatched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo. "These vulnerabilities can be chained by.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a maximumseverity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities KEV catalog, a little over a week after it was publicly disclosed. The vulnerability in question is CVE202534028 CVSS score 10.0, a path traversal bug that affects 11.38 Innovation Release, from versions.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Phony Hacktivist Pleads Guilty to Disney Data Leak π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
After stealing sensitive data from Disney, Ryan Mitchell Kramer claimed to be part of a Russian hacktivist group protecting artists' rights and ensuring they receive fair compensation for their work.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Phony Hacktivist Pleads Guilty to Disney Data Leak
After stealing sensitive data from Disney, Ryan Mitchell Kramer claimed to be part of a Russian hacktivist group protecting artists' rights and ensuring they receive fair compensation for their work.
π¦Ώ Windows 11 Version 24H2 Enters Final Deployment Phase, Microsoft Lists Known Issues π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Some devices will be placed under a compatibility hold as Microsoft works out ongoing issues.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Windows 11 Version 24H2 Enters Final Deployment Phase, Microsoft Lists Known Issues
Some devices will be placed under a compatibility hold as Microsoft works out ongoing issues.
β€1