As the attack surface expands and the threat landscape grows more complex, it’s time to consider whether your data protection strategy is fit for purpose 05 Sep 2025  •  , 5 min. read A single security breach can jeopardize everything you’ve built. The theft of...

A major UK education trust has warned staff that their personal information may have been compromised following a cyberattack on software developer Intradev in August. Affinity Learning Partnership, which operates seven schools and employs more than 650 staff...

Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping malware on infected machines. All versions of Sitecore Experience Manager (XM),...

AI models get slammed for producing sloppy bug reports and burdening open source maintainers with hallucinated issues, but they also have the potential to transform application security through automation. Computer scientists affiliated with Nanjing University...

A new China-aligned cybercrime crew named GhostRedirector has compromised at least 65 Windows servers worldwide - spotted in a June internet scan - using previously undocumented malware to juice gambling sites' rankings in Google search, according to ESET...

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState deserialization vulnerability caused by the inclusion of a sample...

Texas Attorney General Ken Paxton has filed a lawsuit against education software company PowerSchool, which suffered a massive data breach in December that exposed the personal information of 62 million students, including over 880,000 Texans. PowerSchool is a...

Free support is ending for many editions of Windows 10 on October 14, and enterprises unable to make the jump are on the hook for billions to keep the fixes flowing. IT workplace management outfit Nexthink has estimated that the cost of sticking with Windows 10...

ESET researchers have identified a new threat actor, whom we have named GhostRedirector, that compromised at least 65 Windows servers mainly in Brazil, Thailand, and Vietnam. GhostRedirector used two previously undocumented, custom tools: a passive C++ backdoor...

Sainsbury's, Britain's second-largest supermarket chain, has caught the attention of privacy campaigners by launching an eight-week trial of live facial recognition (LFR) tech in two of its stores to curb shoplifting. A survey of the grocer's customers in July...