Risk
-
Growing Threats from Sideloaded iOS Apps Exposed in New Report
Zimperium’s latest report uncovers significant security vulnerabilities associated with sideloaded iOS applications, illuminating risks that threaten both individual users and businesses. The analysis reveals how malicious apps exploit iOS flaws to bypass security protocols.
-
New Tool ‘Defendnot’ Manipulates Windows Security to Disable Microsoft Defender
The newly developed tool ‘Defendnot’ exploits a Windows Security API to disable Microsoft Defender by masquerading as a fake antivirus product, raising significant security concerns about system manipulations.
-
Broadcom Faces Data Theft Following Ransomware Attack on Payroll Partner
Broadcom has confirmed a data theft incident following a ransomware attack on its former payroll partner, Business Systems House. The breach affects sensitive employee data, prompting investigations and heightened security measures.
-
Critical SAP NetWeaver Vulnerability Targeted by Ransomware and APT Groups
Ransomware and Chinese APT groups are exploiting a critical vulnerability in SAP’s NetWeaver, identified as CVE-2025-31324, which has a CVSS score of 10, enabling attackers to execute remote code without authentication.
-
International Cybercrime Ring Disrupted as Four Arrested in Botnet Operation
Four individuals, including three Russians, have been arrested in connection with a global botnet operation that allegedly generated $46 million by selling access to infected routers. The FBI has seized associated domains as international law enforcement partners disable the botnet.
-
Major Data Breach Affects Hundreds of Thousands of Americans
A major data breach at Kelly Benefits has compromised the personal information of over 413,000 Americans, raising serious concerns about identity theft and fraud, as the firm offers credit monitoring services to affected individuals.
-
Ascension Healthcare Data Breach Exposes Information of Over 430,000 Patients
Ascension has disclosed that a data breach has compromised the personal and healthcare information of over 430,000 patients, prompting the organization to offer free identity monitoring services to those affected. The breach, linked to a former business partner, has raised concerns about data security in the healthcare sector.
-
Crisis in CVE Funding Sparks Urgent Rethink in Vulnerability Management
The funding crisis affecting the Common Vulnerabilities and Exposures (CVE) program has prompted urgent reassessments in how organizations manage vulnerabilities, highlighting the necessity for adapting security strategies amid a surge in disclosed vulnerabilities and evolving threats.
-
CISA Issues Warning on Cybersecurity Vulnerabilities in US Oil and Gas Sector
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about the risk of cyberattacks on the US oil and gas infrastructure, highlighting systemic vulnerabilities and the importance of basic cybersecurity practices.
-
UK Legal Aid Agency Investigates Potential Cybersecurity Breach
The Legal Aid Agency in the UK is investigating a cybersecurity incident that may have compromised the financial information of legal aid providers, amid a wave of attacks on major retailers in the country.
