ICO fines law firm £60,000 after Dark web publishes Client data

ICO fines law firm £60,000 after dark web publishes client data A law firm which specialises in defending clients accused of sexual offences has been fined £60,000 after a cyber-attack saw “highly sensitive” details of 682 clients published on the dark web. The Information Commissioner’s Office (ICO) said confidential information relating to 109 experts was…

Read More

US CISA extends MITRE CVE, CWE programs with last-minute contract extension, prevents shutdown

In an eleventh-hour move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) ensured that the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs did not lapse. The move will ensure that the MITRE Corporation will continue operating the CVE program for at least another 11 months after federal cybersecurity officials confirmed that they temporarily…

Read More

Nissan Leaf Hacked for Remote Spying, Physical Takeover; Vulnerabilities found

vulnerabilities affecting the Nissan Leaf electric vehicle Researchers have demonstrated that a series of vulnerabilities affecting the Nissan Leaf electric vehicle can be exploited to remotely hack the car, including for spying and the physical takeover of various functions.  The research was conducted by PCAutomotive, a company that offers penetration testing and threat intelligence services…

Read More

SonicWall Patches Multi Vulnerabilities in NetExtender VPN Client

SonicWall has issued a security advisory disclosing three newly identified vulnerabilities in its NetExtender Windows client, a popular VPN tool used by organizations for secure remote access to internal networks. SonicWall outlined three distinct vulnerabilities affecting NetExtender for Windows versions 10.3.1 and earlier: CVE-2025-23008 — Improper Privilege Management (CVSS 7.2) This high-severity flaw allows a low-privileged attacker…

Read More

56% of Cyberattacks Bypass Security With Legitimate Logins – Report

Newly released 2025 Sophos Active Adversary Report revealed,50 % cyberattacks in 2024 bypassed traditional security defenses by using legitimate login credentials. The report, which analysed over 400 cases of Managed Detection and Response (MDR) and Incident Response (IR), revealed that 56 percent of cyberattacks were executed by adversaries simply logging in rather than breaking in….

Read More

Synechron Launches Cybersecurity AI Accelerators, Strengthening Enterprise Security

Synechron CyberAI Synechron  today announced the launch of Synechron CyberAI accelerators program. This suite of four AI-driven solutions enhances enterprise security, streamlines compliance, and reduces risk exposure through automation and intelligence. Synechron’s 14th accelerator program includes: * RiskControl.AI: Automates IT risk management, offering real-time control assessments and compliance insights * AppSec.AI: Provides a unified view of security…

Read More

NETSCOUT REPORTS DDOS ATTACKS TARGETING CRITICAL INFRASTRUCTURE PLAY A DOMINANT ROLE IN GEOPOLITICAL CONFLICTS

DDoS attacks are precision-guided digital weapons as DDoS-for-hire services, AI and powerful botnets drive onslaught of attacks Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS) attacks have become a dominant means of waging cyberwarfare linked to sociopolitical events such as elections, civil protests, and policy disputes. The findings show how attackers exploit moments…

Read More

New Crocodilus Malware steals Android users’ crypto wallet keys

A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. Although Crocodilus is a new banking malware, it features fully developed capabilities to take control of the device, harvest data, and remote control. Researchers at fraud prevention company…

Read More