For providers

The U.S. Department of Health and Human Services has imposed a $1.5 million penalty on American eyewear manufacturer and retailer Warby Parker due to its failure to properly secure its systems from a credential stuffing attack in 2018 that compromised almost 200,000 individuals' protected health information, reports The Record, a news site by cybersecurity firm Recorded Future.

Cisco Canada’s SMB organization, along with key partners, foster a ripple effect of kindness, breathing life into the Maya Angelou quote, “I have found that among its other benefits, giving liberates the soul of the giver.”

Ongoing attacks leveraging the recently patched high-severity code injection flaw in the Craft content management system, tracked as CVE-2025-23209, have prompted its inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security issue by March 13, The Hacker News reports.

Widely known Chinese cybersecurity company TopSec has been impacted by a data leak revealing more than 7,000 records shedding light on its likely role in the Chinese government's internet censorship efforts, Hackread reports.

OpenAI has moved to disrupt several accounts associated with the illicit use of its ChatGPT chatbot for surveillance and influence operations, the most notable of which is a suspected China-based social media listening tool that leverages the firm's AI models to obtain information on anti-China demonstrations in the West, according to The Hacker News.

SecurityWeek reports that North Korean hackers have leveraged fraudulent job offers to compromise freelance software developers with malicious payloads as part of the DeceptiveDevelopment attack campaign, which has been underway since early last year.

Major Dubai-based cryptocurrency exchange Bybit Technology had $1.5 billion pilfered by North Korean hacking collective Lazarus Group as part of the world's largest single cryptocurrency heist so far, SiliconAngle reports.

Only by addressing the inefficiencies of current naming conventions can we create a safer, more resilient landscape for all defenders.

The Zero Trust World 2025 conference leaned heavily into challenging established paradigms and disrupting the status quo.

Technical expertise remains crucial in an AI-driven world, with new insights and key updates for CCIEs to prepare for the future.