Canadian cybersecurity officials are warning that hacktivists are increasingly targeting critical infrastructure in the country. In an October 29 alert, the Canadian Centre for Cyber Security ...

Caller ID spoofing causes nearly $1 billion (EUR 850 million) in financial losses from fraud and scams each year, according to a new Europol position paper that calls for technical and regulatory ...

Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics team said it blocked ...

Security and application delivery vendor F5 revealed today in an SEC filing that a nation-state threat actor had “long-term, persistent access” to some of the company’s most critical environments. The ...

Japanese beverage and food giant Asahi Group Holdings has confirmed that a ransomware attack has disrupted its operations and may have led to a leak of personal and financial data. The Asahi Group ...

Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional high-risk vulnerabilities. The three zero-days under attack were ...

Active Directory is a key target for hackers, so a recent report detailing Active Directory attack techniques contains useful lessons for security defenders. The attack, which targeted the critical ...

A managed security services provider has detected credential attacks on SonicWall SSLVPN devices. The attacks, reported by Huntress, involve “widespread compromise” of SonicWall SSLVPN devices.

Oracle rushed out a patch over the weekend for a new E-Business Suite vulnerability that can be exploited remotely without authentication. The vulnerability – CVE-2025-61884 – carries a 7.5 ...

A new polymorphic malware identified by a security researcher earlier this week remains undetected by most security tools. Xavier Mertens wrote about the malware in a SANS blog post on October 8. At ...

Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The threat actor, known as Storm-2657, is exploiting weak ...

In a renewed push to safeguard America’s digital infrastructure, U.S. Senators Gary Peters (D-MI) and Mike Rounds (R-SD) have introduced the Protecting America from Cyber Threats Act — a bipartisan ...