7 Steps to Take After a Credential-Based cyberattack
Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your…
BREAKING: CISA Steps In to Keep CVE Services Alive
By Gary Miliefsky, Publisher, Cyber Defense Magazine Good news comes to us like a Windows patch Tuesday: Common Vulnerabilities and…
Funding Expires for Key Cyber Vulnerability Database
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware…
Hackers exploit WordPress plugin auth bypass hours after disclosure
Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after…
Royal Mail investigates data leak claims, no impact on operations
Royal Mail is investigating claims of a security breach after a threat actor leaked over 144GB of data allegedly stolen…
Infostealer campaign compromises 10 npm packages, targets devs
Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers'…
Oracle customers confirm data stolen in alleged cloud breach is valid
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6…
The 7 technology trends that could replace passwords
230M stolen passwords met complexity requirements—and were still compromised. Passwords aren't going away for now, but there are new technologies…
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from…
DOGE to Fired CISA Staff: Email Us Your Personal Data
A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest…