Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations
CVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed systems across organizations.
Aggregating 8078 articles from trusted cybersecurity sources
CVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed systems across organizations.
ShinyHunters claimed responsibility for stealing more than 3.6 terabytes of data by exploiting security vulnerabilities in Instructure's Free-for-Teacher env...
Attackers exploited an unspecified vulnerability in the software of Škoda's e-commerce portal to gain unauthorized access.
The bank, which serves customers in Pennsylvania, Ohio, and West Virginia, filed an 8-K with the U.S.
The first vulnerability, CVE-2026-44277, affects FortiAuthenticator's Identity and Access Management solution and was patched in versions 6.5.
Signal is adding new protections for users following recent phishing and social engineering attacks. In March, the FBI and CISA issued a warning stating that...
Tuskira has announced the launch of Kairo, a breach modeling capability that detects deep, hidden breach paths by leveraging its security data mesh and digit...
Key Points Introduction The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. Its operators advertis...
Code War author Allie Mellen explains how nations hack, why attribution fails, and what AI changes in cyberwarfare. Learn why "Fighting AI with AI" is the on...
We’ve enabled higher usage limits, faster performance, better reliability, and increased shipping velocity for our Browser Run product by rebuilding on top o...
A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late Decem...
The proposed reforms, outlined in briefing documents published alongside the King’s Speech opening a new parliamentary session, would update the Computer Mis...
Genetic testing company 23andMe has agreed to pay $18 million to settle claims from a coalition of 43 attorneys general that it failed to protect customers' ...
A coalition of 42 state attorneys general reached an $18 million settlement with 23andMe for cybersecurity failings that led to a data breach.
The ransomware group D1R claimed to have accessed a database of 40,000 entries from Synopsys and subsequently used this information to target Bosch, alleging...
The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. The post Synopsys Find...
The defendant's lawyer told Finnish media that he does not know where his client is but believes Kivimäki is outside Finland.
Effective data protection determines whether stolen information is actually usable and how much business and regulatory damage an organization suffers after ...
Supermarket giant Lidl has revealed details of a supplier breach impacting customer data
In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers no...
The "Breach at the Beach" CTF, created by Varonis researchers Doron Kapah and Mark Vaitsman, simulates attacks within Entra ID, focusing on how threat actors...
The compromised data includes customer salutations, first and last names, phone numbers, email addresses, dates of birth, and customer numbers.
The breach was discovered after mass emails were sent from legitimate AFA domains, claiming Argentina "stole" the win from Egypt.
Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed.