LastPass Data Breach: Lessons for CISOs After 1.6 Million Users Exposed and a £1.2M ICO Fine
The LastPass data breach and subsequent £1.2 million ICO fine highlight a critical reality for CISOs: modern security failures are…
Fortinet Discloses Critical FortiCloud SSO Authentication Bypass Vulnerabilities: What CISOs Must Do Immediately
Critical Fortinet flaws (CVE-2025-59718/59719) allow attackers to bypass FortiCloud SSO using malicious SAML messages. Although not enabled by default, many…
Sryxen Stealer: The New Class of Malware That Turns Chrome Against Itself
Sryxen is a new stealer that bypasses Chrome’s App-Bound Encryption by abusing headless Chrome and the DevTools Protocol, forcing the…
When Trust Becomes the Weakest Link: Potential Supply-Chain Malware via Yealink Downloads
A suspicious ZIP from Yealink’s official CDN contained a trojanized executable, suggesting a possible supply-chain compromise. This case highlights why…
Allurity expands its European cybersecurity presence by acquiring MSF Partners – experts in protecting critical assets and infrastructure
Allurity strengthens its European cybersecurity footprint by acquiring MSF Partners, a Swiss OT security specialist protecting critical infrastructure. The move…
LANDFALL: Inside the Most Advanced Android Spyware Campaign Ever Seen Targeting Samsung Devices
LANDFALL is a sophisticated Android spyware exploiting a Samsung zero-day via DNG zero-click attacks delivered through WhatsApp images. This commercial-grade…
Cloudflare Global Network Outage — What CISOs Need to Know (18 November 2025)
Cloudflare suffered a global service outage impacting the dashboard, Access, WARP, and application services. Recovery is underway. The incident highlights…
PROMPTFLUX: The First AI-Evolving Malware — and What It Really Means for Cybersecurity
AI-driven malware is no longer theoretical. PROMPTFLUX, an experimental VBScript malware leveraging Gemini for real-time code regeneration, shows how threat…
Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
A critical vulnerability in Fortinet's FortiWeb Web Application Firewall has been actively exploited, allowing attackers to gain administrator access. Organizations…
CISA Emergency Directive 25-03: Federal Agencies Ordered to Identify and Mitigate Compromise of Cisco ASA and Firepower Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-03 after discovering a state-sponsored campaign exploiting zero-day…