LastPass Data Breach: Lessons for CISOs After 1.6 Million Users Exposed and a £1.2M ICO Fine
The LastPass data breach and subsequent £1.2 million ICO fine highlight a critical reality for CISOs: modern security failures are…
When Trust Becomes the Weakest Link: Potential Supply-Chain Malware via Yealink Downloads
A suspicious ZIP from Yealink’s official CDN contained a trojanized executable, suggesting a possible supply-chain compromise. This case highlights why…
Swiss Cyber AI Award: Where Intelligence Meets Protection
The Swiss Cyber AI Award honors the most innovative projects combining Artificial Intelligence and Cybersecurity. Open to participants from Switzerland…
Fortinet Discloses Critical FortiCloud SSO Authentication Bypass Vulnerabilities: What CISOs Must Do Immediately
Critical Fortinet flaws (CVE-2025-59718/59719) allow attackers to bypass FortiCloud SSO using malicious SAML messages. Although not enabled by default, many…
Sryxen Stealer: The New Class of Malware That Turns Chrome Against Itself
Sryxen is a new stealer that bypasses Chrome’s App-Bound Encryption by abusing headless Chrome and the DevTools Protocol, forcing the…
Allurity expands its European cybersecurity presence by acquiring MSF Partners – experts in protecting critical assets and infrastructure
Allurity strengthens its European cybersecurity footprint by acquiring MSF Partners, a Swiss OT security specialist protecting critical infrastructure. The move…
LANDFALL: Inside the Most Advanced Android Spyware Campaign Ever Seen Targeting Samsung Devices
LANDFALL is a sophisticated Android spyware exploiting a Samsung zero-day via DNG zero-click attacks delivered through WhatsApp images. This commercial-grade…
Cloudflare Global Network Outage — What CISOs Need to Know (18 November 2025)
Cloudflare suffered a global service outage impacting the dashboard, Access, WARP, and application services. Recovery is underway. The incident highlights…
PROMPTFLUX: The First AI-Evolving Malware — and What It Really Means for Cybersecurity
AI-driven malware is no longer theoretical. PROMPTFLUX, an experimental VBScript malware leveraging Gemini for real-time code regeneration, shows how threat…
Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
A critical vulnerability in Fortinet's FortiWeb Web Application Firewall has been actively exploited, allowing attackers to gain administrator access. Organizations…
CISA Emergency Directive 25-03: Federal Agencies Ordered to Identify and Mitigate Compromise of Cisco ASA and Firepower Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-03 after discovering a state-sponsored campaign exploiting zero-day…