Cybersecurity company Proofpoint has made two major acquisition announcements that are set to strengthen its position in cloud security and compliance. These moves, made in May 2025, are seen as strategic steps to better protect users across modern collaboration platforms, especially Microsoft 365. The first big move by Proofpoint is the acquisition of Hornetsecurity, a … Continued
A serious security issue has been found in Apple’s Messages app. This problem was used to spy on journalists in Europe using a spyware tool called Graphite, made by a company named Paragon. The attack was discovered by researchers at Citizen Lab, who found clear signs that two journalists were targeted using this flaw. The … Continued
NIST has just released a practical new guide called SP 1800-35: Implementing a Zero Trust Architecture. Developed by the National Cybersecurity Center of Excellence (NCCoE) along with 24 private-sector collaborators, this document goes beyond theory. It gives real, working examples of how organizations can implement zero trust security using tools that are already available on … Continued
A new ransomware strain named Fog recently targeted a financial institution in Asia. What makes this attack different is the way the attackers used a mix of open-source hacking tools and legitimate software to carry out their plan. This helped them stay unnoticed and cause serious damage. The attackers managed to get into the system … Continued
ConnectWise has announced a major security step as it is going to rotate the code-signing certificates used in several of its software products, including ScreenConnect, Automate, and RMM agents. This move comes after a third-party security researcher flagged a possible security concern that could be exploited by attackers. The issue isn’t about any kind of … Continued
A new wave of cyberattacks has hit the corporate world, targeting more than 80,000 Microsoft Entra ID accounts. These attacks were uncovered by cybersecurity experts at Proofpoint, who linked the campaign to a tool called TeamFiltration. This tool is actually an open-source framework originally created for penetration testing but is now being misused by cybercriminals. … Continued
Salesforce has made a quiet but important change to how companies can interact with Slack data. While it was not announced with much fanfare, the impact is already being felt across the enterprise AI space. Slack, which is owned by Salesforce, recently changed its terms and is no longer allowing outside software firms to store … Continued
In recent months, there’s been a major rise in DDoS attacks targeting financial institutions. What’s scary is that these attacks aren’t just increasing in number, they’re also getting way more advanced and harder to detect. Cybercriminals have stopped relying only on traditional “flooding” methods. Now, they’re combining smarter techniques that slip past basic defenses. Banks … Continued
FIN6 hackers are now pretending to be job seekers to hack recruiters. A well-known cybercrime group named FIN6, also known as Skeleton Spider, has come up with a new and clever way to attack companies. This time, instead of directly hacking systems or using ransomware, they are pretending to be job seekers and targeting … Continued
AI-Powered Code Tools Are Creating a “Cybersecurity Powder Keg” The rise of AI-assisted development has transformed the way code is written—faster, more efficient, and increasingly accessible. But there’s a growing concern that this acceleration comes at a cost: security. A recent piece by Dark Reading highlights a growing risk. Developers—especially those new to the field—are … Continued
