Security Bulletin

TechCrunch reports that Florida state senators will soon vote on draft legislation that would impose the creation of encryption backdoors for law enforcement in social media platforms following its unanimous approval by the state's Senate Rules...

North American airport retail company Paradies Shops has agreed to pay $6.9 million to resolve a class-action lawsuit alleging its negligence in a 2020 REvil ransomware attack that compromised 76,000 current and former employees' personal data...

As cyberattacks surge and boardrooms demand measurable outcomes, CISOs in Q2 2025 are redefining their playbook, prioritizing resilience, operational intelligence, and business-aligned metrics like never before.

Ahold Delhaize USA which owns leading supermarket brands Hannaford, Stop & Shop, Giant Food, and Food Lion has confirmed having its data compromised in a November cyberattack after the INC ransomware operation claimed that the incident led to the...

The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.

Dr. Dustin Sachs, Chief Technologist and Senior Director of Programs for CyberRisk Collaborative, shares his experience, explaining how alert fatigue erodes decision-making, how the resulting ego depletion compromises judgment, and why AI -- if...

Here’s what the CVE program’s uncertain future means for cyber defenders.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

CISA guidance follows reports of Oracle Cloud breached, which the company denies.

IBM’s X-Force 2025 Threat Intelligence Index reveals an increase in misuse of valid credentials.

The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.