In an eleventh-hour move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) ensured that the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs did not lapse. The move will ensure that the MITRE Corporation will continue operating the CVE program for at least another 11 months after federal cybersecurity officials confirmed that they temporarily…
UnitedHealth Group is demanding that healthcare providers repay the loans they received from the company after a cyberattack at its tech unit Change Healthcare last year, according to two providers on Friday. The largest U.S. health insurance company loaned out $9 billion to providers who had been struggling after the massive ransomware attack in February…
SonicWall has issued a security advisory disclosing three newly identified vulnerabilities in its NetExtender Windows client, a popular VPN tool used by organizations for secure remote access to internal networks. SonicWall outlined three distinct vulnerabilities affecting NetExtender for Windows versions 10.3.1 and earlier: CVE-2025-23008 — Improper Privilege Management (CVSS 7.2) This high-severity flaw allows a low-privileged attacker…
Shuckworm’s cyber campaign focus on Ukraine has continued into 2025, targeting the military mission of a Western country based in the Eastern European nation. This first activity in this campaign occurred in February 2025, and it continued into March. The initial infection vector used by the attackers appears to have been an infected removable drive….
DDoS attacks are precision-guided digital weapons as DDoS-for-hire services, AI and powerful botnets drive onslaught of attacks Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS) attacks have become a dominant means of waging cyberwarfare linked to sociopolitical events such as elections, civil protests, and policy disputes. The findings show how attackers exploit moments…
Sebi has extended the deadline for regulated entities to adopt a cybersecurity framework to June 2025, citing requests for more time. The framework aims to enhance cyber resilience. The decision follows feedback from stakeholders requesting more time to adapt to the Industry Standards, which outline the minimum information required for review by audit committees and…
sAxess App launch Serenity, recently announced the launch of the sAxess App on the App Store® to enhance cybersecurity through fingerprint authentication, cryptocurrency management & data protection The launch delivers the world’s first app to offer external access exclusively through biometric authentication via a physical card, eliminating traditional passwords entirely. With data breaches increasingly tied…
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India’s public sector postal system as part of a campaign. This is designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence…
OpenAI efforts to boost security researchers by raising the maximum payout for its Bug Bounty program from $20K to a cool $100K. This initiative, along with a slew of others, is part of a multi-pronged effort to prioritize AI cybersecurity. The company announced the expansion of its Security Bug Bounty Program on Wednesday, along with…
Growing Cyber attacks, worldwide security spending is expected to see sustained growth throughout the 2023–2028 period, reaching $377 billion in 2028, according to a new report. According to latest forecast from the International Data Corporation (IDC), global security spending is expected to grow by 12.2 per cent (year on year) in 2025. The increasing complexity…
