Flaw in Broadcom Wi-Fi Chipsets Illuminates Importance of Wireless Dependability and Business Continuity
A “scary” vulnerability in Broadcom Wi-Fi chipsets could lead to long-term instability and affect how an organization operates ... Read More
StrongestLayer: Top ‘Trusted’ Platforms are Key Attack Surfaces
Adrian Bridgwater | | Application Security, Cybersecurity, Data Security, Information Security, Malware, Security NewsExplore StrongestLayer's threat intelligence report highlighting the rise of email security threats exploiting trusted platforms like DocuSign and Google Calendar. Learn how organizations can adapt to defend against these evolving cyber risks ... Read More
Report: Open Source Malware Instances Increased 73% in 2025
ReversingLabs this week published a report that finds there was a 73% increase in the number of malicious open source packages discovered in 2025 compared with the previous year. More than 10,000 malicious open source packages were discovered, most of which involved node package managers (npms) that cybercriminals were using ... Read More
MIND Extends DLP Reach to AI Agents
Michael Vizard | | agentic AI security, AI agents, AI data security, AI Governance, AI monitoring, Cybersecurity Automation, Data Loss Prevention, enterprise AI risk, non-human identity, prompt injection attacks, SaaS Security, sensitive data protection, Shadow AIMIND extends its data loss prevention platform to secure agentic AI, enabling organizations to discover, monitor, and govern AI agents in real time to prevent sensitive data exposure, shadow AI risks, and prompt injection attacks ... Read More
A Lack of Spending Isn’t the Problem With Cloud Security, Structural Complexity Is
Cloud security is hard and getting harder, a Fortinet study says, as AI widens a complexity gap and empowers attackers. ... Read More
Radware Acquires Pynt to Add API Security Testing Tool
Radware this week revealed it has acquired Pynt, a provider of a set of tools for testing the security of application programming interfaces (APIs). Uri Dorot, a senior product marketing manager for Radware, said that capability will continue to be made available as a standalone tool in addition to being ... Read More
Survey Surfaces Lots of Room for DevSecOps Improvement
A survey of 506 cybersecurity leaders and practitioners working for organizations with more than 500 employees, published today, finds that while 80% report security and DevOps teams are using shared observability tools, less than half (45%) say the two teams are very aligned on tooling and workflows compared to 43% ... Read More
31 More Charged in Massive ATM Jackpotting Scheme Linked to Tren de Aragua Gang
Jeffrey Burt | | #banks, ATM jackpotting, Credit Unions, cyberattacks, Department of Justice (DOJ), Financial Services Cybersecurity, Malware, Ploutus, Rescana, Tren de AraguaThe DOJ indicted 31 people accused of participating in an ATM jackpotting scheme in which the venerable Ploutus malware was used to help steal more than $5 million from machines around the United States. In total, 87 people have been charged, with many connected to the Tren de Aragua Venezuelan ... Read More
Feds Take Their Ball and Go Home From RSAC Conference
Alan Shimel | | cisa, Cybersecurity Collaboration, Cybersecurity Leadership, FBI, government cyber policy, Jen Easterly, nsa, public private partnership, RSAC ConferenceRead Alan's sharp critique of federal cyber agencies withdrawing from RSAC over leadership politics—and why sidelining collaboration hurts the entire cybersecurity community ... Read More
LayerX Discovers Malicious Chrome Extensions Stealing ChatGPT Accounts
Jeffrey Burt | | AI chatbot, AI credentials, browser attacks, ChatGPT risks, fake Google Chrome extension, GhostPoster, LayerX, malicious extensionsSecurity researchers from LayerX discovered 16 malicious Chrome extensions created by the same threat actor designed to intercept users' interaction with ChatGPT chatbots and steal their account credentials, the latest instance in a growing trend ... Read More
