Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Attackers used social engineering to access third-party business apps and steal patient information
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Cal Water Investigating Iranian Hackers’ Claims
California Water Service says there is no indication of operational disruptions to its water and wastewater systems. The post Cal Water Investigating Iranian Hackers’ Claims appea…
White House Issues Memo to Bolster NSS Cybersecurity
NSPM-12 establishes a clear structure for NSS cybersecurity governance and accountability and reestablishes CNSS. The post White House Issues Memo to Bolster NSS Cybersecurity appe…
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence f…
Qualcomm said to be circling AI chip biz Tenstorrent in $10B RISC-V power play
Potential takeover would represent significant commitment to the open instruction set architecture
Flock Cameras Are Being Used for Stalking
There are over a dozen cases around the country where police officers are using the Flock surveillance camera system to obsessively and illegally stalk people. Alternate link.
Scammers keep scoring: Brits fleeced for £1.3B as Americans lose $3.5B to impersonators
More reasons to love social media and AI
Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages
Arch Linux suspended account registrations in response to the wave of malicious packages being uploaded to AUR. The post Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages app…
CISA warns of another cPanel plugin flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (…
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said …
Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models
A group of cybersecurity executives and experts is asking the Trump administration to lift its directive preventing the use of Anthropic’s latest artificial intelligence models by …
Capita is about to sail past deadline to fix civil service pensions scheme
Union says outsourcer will miss June 30 target after portal meltdown and mounting complaints
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure. [...]
ZTE Day 2026 in Almaty Showcases Innovations Shaping Kazakhstan's Intelligent Telecom Future
PARTNER CONTENT: Empowering Kazakhstan’s "Year of Digitalization and AI" with Next-Gen Connectivity and Supercomputing Solutions
SQL Server may be too lucrative for Microsoft to ditch, but too legacy to love
Analysts say Redmond still has billions of reasons to keep backing its flagship DBMS, even as Azure, Postgres, and AI hog the spotlight
Cisco patches SD-WAN flaw amid evidence of active exploitation
Cisco has released fixes for a vulnerability in its Catalyst SD-WAN Manager software after becoming aware of limited exploitation of the flaw, which could allow an authenticated at…
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discov…
Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure
Over two dozen organizations built a shared platform to triage vulnerabilities, fix them, and secure the software before patches arrive. The post Tech Coalition ‘Athena’ Targets OS…
Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. [...]
ERP users may soon get ahead by going headless, says Rimini Street boss
Look to AI agents and open source to escape the vendor-driven upgrade cycle
Windows version of SprySOCKS Linux malware used to attack govt orgs
Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. [...]
France's digital sovereignty push is struggling to escape the Microsoft gravity well
Nextcloud rollout shows locally controlled storage is one thing; getting users off Office is quite another
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications…
Inside the cloud's new agentic AI-ready, Arm-powered foundation
PARTNER CONTENT: From hyperscalers to enterprises, performance-per-watt and system-level efficiency are redefining the cloud compute foundation
iRhythm discloses data breach, says hackers stole patient info
Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applicat…
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-D…
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked …
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, r…
A modest proposal: Reformat everything to make documents more palatable to AI
What's up, DocLang?
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
The U.S. Department of Justice announced Friday that it has seized the CFAKE.com and SOCFAKE.com websites, which allegedly hosted nonconsensual AI-generated nude images and videos …