Category: Privacy/Governance Feed

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities – Read More  –  

NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” – Read More  –  

FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords – Read More  –  

UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability – Read More  –  

Anthropic has found its Claude chatbot is being used for automated political messaging, enabling AI-driven influence campaigns – Read More  –  

Concerned about the fate of sensitive genetic information, the ICO and OPC have demanded that 23andMe prioritize customer data protection throughout its bankruptcy process – Read More  –  

A large-scale phishing campaign using DarkWatchman and Sheriff malware has been observed targeting companies in Russia and Ukraine – Read More  –  

Bitdefender highlighted the growing use of subscription scams, in which victims are lured by adverts into recurring payments for fake products – Read More  –  

Alongside its new Meta AI app, Facebook’s parent company launched several new products to help secure open-source AI applications – Read More  –  

The ICO has decided not to fine the British Library for a 2023 ransomware breach – Read More  –  

The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community – Read More  –  

The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event – Read More  –  

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment – Read More  –  

Microsoft has announced plans to expand cloud and AI infrastructure in the EU, increasing data center capacity by 40% by 2027 – Read More  –  

The Co-op stores, quick commerce operations and funeral homes are trading as usual – Read More  –  

Kristi Noem said the Trump administration is introducing reforms to ensure CISA is focusing on the core security functions it was created for – Read More  –  

The legislation mandates a probe into foreign-made routers to identify risks for US national security – Read More  –  

JPMorgan’s CISO has argued that SaaS apps represent a growing risk to businesses, “quietly enabling cyber attackers” – Read More  –  

The French government has criticized Russia’s APT28 group for attacking 12 entities in a long-running espionage campaign – Read More  –  

New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control – Read More  –  

A new ransomware campaign is automating LockBit deployment via the Phorpiex botnet, according to Cybereason – Read More  –  

Administrators of a Telegram channel named CoderSharp have been advertising Gremlin Stealer since March 2025 – Read More  –  

Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses – Read More  –  

Google claims 19% more zero-day bugs were exploited in 2024 than 2022 as threat actors focus on security products – Read More  –  

Europol has launched a new initiative designed to combat recruitment of youngsters into violent organized crime groups – Read More  –  

Members of the World Uyghur Congress living in exile were targeted with a spear phishing campaign deploying surveillance malware, according to the Citizen Lab – Read More  –  

50% of mobile devices run outdated operating systems, increasing vulnerability to cyber-attacks, according to the latest report from Zimperium – Read More  –  

According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second – Read More  –  

An ISACA survey found that just 5% of organizations have a defined strategy to defend against quantum-enabled threats – Read More  –  

The US authorities have asked the public to help them unmask China’s Salt Typhoon threat actors – Read More  –  

The UK government says it will ban the possession or supply of SIM farms, in a fraud crackdown – Read More  –  

Increased law enforcement pressure has forced ransomware groups like DragonForce and Anubis to move away from traditional affiliate models – Read More  –  

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors – Read More  –  

British retailer M&S continues to tackle a cyber incident with online orders now paused for customers – Read More  –  

Researchers have found a Chrome extension that can act on the user’s behalf by using a popular AI agent orchestration protocol – Read More  –  

Panaseer’s latest cybersecurity study revealed that US companies have paid $155M in data breach lawsuit settlements over just six months – Read More  –  

Backslash Security found that naïve prompts resulted in code vulnerable to at least four of the of the 10 most common vulnerabilities across popular LLMs – Read More  –  

ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities – Read More  –  

A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads – Read More  –  

A critical path traversal vulnerability in Commvault’s backup and replication solutions has been reported – Read More  –  

While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline – Read More  –  

NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a “red herring” – Read More  –  

ETSI’s says new technical specification for securing AI models and systems sets international benchmark – Read More  –  

Ofcom’s Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms – Read More  –  

After a 180% rise in last year’s report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches – Read More  –  

The FBI found that cybercrime losses climbed by 33% compared to 2023, driven by tactics like investment fraud and BEC – Read More  –  

Mandiant’s M-Trends report found that credential theft rose significantly in 2024, driven by the growing use of infostealers – Read More  –  

In regulated sectors such as banking, healthcare, and government services, the importance of safeguarding sensitive data is well understood—but… The post The Hidden Costs of Not Using HSMs in Regulated Sectors appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

The latest ITRC data finds breach volumes remained flat in Q1 but victim numbers increased 26% annually – Read More  –  

Marks and Spencer has confirmed that it has been managing a cyber incident for the past few days which affected its contactless payments and click and collect services – Read More  –