Latest news as of 9/20/2025, 10:42:03 PM
Dark Reading
The addition of Black Duck's application security testing offering to UltraViolet Cyber's portfolio helps security teams find and remediate issues earlier in the security lifecycle.
The Register
Affinity Learning Partnership warns staff after Intradev breach A major UK education trust has warned staff that their personal information may have been compromised following a cyberattack on software developer Intradev in August.…
The Hacker News
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn't kept pace. Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,
The Hacker News
Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics (SVG) files as part of phishing attacks impersonating the Colombian judicial system. The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, which then decodes and injects a Base64-encoded HTML phishing page masquerading as a
The Register
You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping malware on infected machines.…
The Register
AI agent system said to have found more than 100 zero-day flaws in production apps AI models get slammed for producing sloppy bug reports and burdening open source maintainers with hallucinated issues, but they also have the potential to transform application security through automation.…
Dark Reading
Reports of disruptions at North American plants emerged earlier this week, though the nature of the attack on the tire manufacturer remains unclear.
Dark Reading
Cyberattackers target local and state agencies, a problem as the Trump administration cuts cybersecurity funds and culls workers at federal security agencies.
Dark Reading
The Nonprofit organization launched the Threat Handling Foundations Certificate amid mounting incident and breach disclosures.
Dark Reading
The vulnerability marks the latest example of threat actors weaponizing exposed ASP.NET machine keys for remote injection and deserialization attacks.