Socket acquires Coana in game-changing move for cybersecurity industry Socket’s acquisition of Coana brings best-in-class reachability analysis to application security teams globally, cementing Socket’s position as the leader in software supply chain security. The news comes as Socket has seen over 300% year-over-year revenue growth over the past year with customers including Anthropic, Figma, OpenAI,…
ICO fines law firm £60,000 after dark web publishes client data A law firm which specialises in defending clients accused of sexual offences has been fined £60,000 after a cyber-attack saw “highly sensitive” details of 682 clients published on the dark web. The Information Commissioner’s Office (ICO) said confidential information relating to 109 experts was…
In an eleventh-hour move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) ensured that the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs did not lapse. The move will ensure that the MITRE Corporation will continue operating the CVE program for at least another 11 months after federal cybersecurity officials confirmed that they temporarily…
UnitedHealth Group is demanding that healthcare providers repay the loans they received from the company after a cyberattack at its tech unit Change Healthcare last year, according to two providers on Friday. The largest U.S. health insurance company loaned out $9 billion to providers who had been struggling after the massive ransomware attack in February…
SonicWall has issued a security advisory disclosing three newly identified vulnerabilities in its NetExtender Windows client, a popular VPN tool used by organizations for secure remote access to internal networks. SonicWall outlined three distinct vulnerabilities affecting NetExtender for Windows versions 10.3.1 and earlier: CVE-2025-23008 — Improper Privilege Management (CVSS 7.2) This high-severity flaw allows a low-privileged attacker…
Shuckworm’s cyber campaign focus on Ukraine has continued into 2025, targeting the military mission of a Western country based in the Eastern European nation. This first activity in this campaign occurred in February 2025, and it continued into March. The initial infection vector used by the attackers appears to have been an infected removable drive….
DDoS attacks are precision-guided digital weapons as DDoS-for-hire services, AI and powerful botnets drive onslaught of attacks Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS) attacks have become a dominant means of waging cyberwarfare linked to sociopolitical events such as elections, civil protests, and policy disputes. The findings show how attackers exploit moments…
Sebi has extended the deadline for regulated entities to adopt a cybersecurity framework to June 2025, citing requests for more time. The framework aims to enhance cyber resilience. The decision follows feedback from stakeholders requesting more time to adapt to the Industry Standards, which outline the minimum information required for review by audit committees and…
sAxess App launch Serenity, recently announced the launch of the sAxess App on the App Store® to enhance cybersecurity through fingerprint authentication, cryptocurrency management & data protection The launch delivers the world’s first app to offer external access exclusively through biometric authentication via a physical card, eliminating traditional passwords entirely. With data breaches increasingly tied…
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India’s public sector postal system as part of a campaign. This is designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence…
