Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack infosecurity-magazine.com/news/hertz-dat…

Serious vulnerabilities in generative #AI (GenAI) systems discovered during penetration testing are only resolved about 21% of the time, according to Cobalt's State of Pentesting Report 2025. #cybersecurity #infosec #ITsecurity bit.ly/4lsFu9n

Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks infosecurity-magazine.com/news/verizon-d…

CISOs are expected to secure their organizations, and also predict, prevent, and react to threats, says Silverfort's John Paul Cunningham in this commentary. Because of these pressures, 1 in 4 CISOs are considering leaving the profession. #cybersecurity bit.ly/44Et2NA

AI, Automation, and Dark Web Fuel Evolving Threat Landscape: bit.ly/42NRfyr by Elizabeth Montalbano

Attackers are still winning more often than defenders, said Veracode's Chris Wysopal and Columbia University’s Jason Healey during their RSAConference talk, “Secure by Design: Are We Winning?” #cybersecurity #RSAC #infosec #ITsecurity bit.ly/3ELGOn3

FBI Publishes 42,000 LabHost Phishing Domains infosecurity-magazine.com/news/fbi-publi…

Despite more than a decade of investment in #zerotrust architecture, adversaries continue to gain footholds. “We see this over and over again — attackers use credentials to walk right in,” said Philippe Langlois, co-author of Verizon's DBIR. #infosec bit.ly/3SI0prw

Fake #AI video generation websites promoted via Facebook and LinkedIn ads were found to spread various malware payloads with reconnaissance and backdoor capabilities, according to Mandiant (part of Google Cloud). #cybersecurity #infosec #ITsecurity bit.ly/4kzk75r

As hospitals race ahead with #AI adoption, it’s worth asking: Are we opening ourselves to the same risks that were overlooked to adopt telemedicine, says First Health Advisory's Toby Gouker in this column. #healthIT #cybersecurity #infosec bit.ly/45lbRRI

A university paper detailed how a smartwatch could possibly be employed to lift secured data from air-gapped machines by intercepting electronic signals. #cybersecurity #infosec #ITsecurity bit.ly/4kQKiVm

If you’re a technology professional working with 5G capabilities, we encourage you to check out the NCCoE Applying 5G Cybersecurity and Privacy Capabilities White Paper Series! Download our latest white paper focused on Network Security Design Principles: nccoe.nist.gov/5g-cybersecuri…

When privileged escalation occurs between programs, it’s known as the confused deputy problem. In the world of Agentic #AI, it’s now reborn and has been thriving, says BeyondTrust's Morey Haber in this commentary. #cybersecurity #infosec #ITsecurity bit.ly/4k0bzn1

Jira tickets could potentially be abused for prompt injection when support staff use #AI to help handle issues, according to Cato Networks, which demonstrated a "living off AI" proof-of-concept attack. #cybersecurity #infosec #ITsecurity bit.ly/3FZBf5b

In a June 2025 report, the FDA said medical device manufacturers should build Secure-by-Design products that follow National Institute of Standards and Technology standards, Cybersecurity and Infrastructure Security Agency #cybersecurity guidelines and industry standard routing requirements. #infosec #healthIT bit.ly/4eiwa4J

A study from security provider CertifID LLC found that real estate companies lost about $500 million to fraud attacks, while 17% of companies fell victim to business email compromise (BEC) attacks in 2024. #cybersecurity #infosec #ITsecurity bit.ly/4kbHUY7

As part of an editorial collaboration with the OWASP Gen AI Security Project, SC Media and OWASP® Foundation will raise the awareness bar around secure GenAI application development, threat awareness, and risks and mitigation best practices. #cybersecurity #AI bit.ly/44eGLKD

Prompt injection sits at the top of OWASP® Foundation's 2025 Top 10 for LLM Applications and Generative AI. The attack doesn't exploit traditional software flaws - it manipulates how LLMs interpret language itself. #cybersecurity #AI #infosec #ITsecurity bit.ly/45QY5qa

The U.S. House of Representative will hear testimony Tuesday from top cyber officials on the impact Stuxnet had on the evolution of threats to critical infrastructure. #cybersecurity #infosec #ITsecurity bit.ly/4lKhbn4

The FCC is issuing new licensing rules for undersea internet cables, including requirements for cyber and physical security. docs.fcc.gov/public/attachm…