The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1. […]

The vast majority of companies hit by ransomware attacks over the past year have paid up, according to an insurance specialist’s report that warns of mixed outcomes for those who do. Business-to-home insurer Hiscox released its annual Cyber Readiness Report against a backdrop of concern over a series of cyber attacks on high profile names […]

When Tony was signed off for burnout from his cybersecurity awareness role at a major UK ecommerce company last year, it had been a long time coming. “Many of us in cyber, we put our hearts into our job. There’s a lot of passion involved.” He had found it progressively harder to sleep, and to […]

The recent cyberattack aimed at aerospace and defense company Collins Aerospace, which has caused significant disruptions at major airports in Europe, reportedly involved a piece of ransomware known as HardBit. The HardBit ransomware emerged in October 2022 and it came into the spotlight a few months later when it emerged that the cybercriminals were willing to negotiate […]

If you work in cybersecurity, you’ve probably heard the time-honored adage about cyber attacks: “It’s not a matter of if, but when.” Perhaps a better way to think of it is this: while training, experience, and familiarity with social engineering techniques help, anyone can fall for a well-constructed ruse. Everyone – including security researchers – has a vulnerability that […]

The EU’s cyber security agency says criminals are using ransomware to cause chaos in airports around the world. Several of Europe’s busiest airports have spent the past few days trying to restore normal operations, after a cyber-attack on Friday disrupted their automatic check-in and boarding software. The European Union Agency for Cybersecurity, ENISA, told the […]

Microsoft on Tuesday announced that it had dismantled the infrastructure behind a major phishing-as-a-service operation that had powered attacks on healthcare organizations around the world. The operation, which Microsoft dubbed “Raccoon0365,” sold subscription-based phishing kits that allowed unsophisticated cybercriminals to steal Microsoft 365 account usernames and passwords, the company said in a blog post. It estimated […]

Lawyer Henry Clack sadly knows a lot about Nigerian criminal gangs. Mr Clack, a solicitor at London-based commercial law firm HFW, has to deal with them when he is representing global shipping firms that have found themselves victims of cyber attacks. “Of the cases which HFW have been involved in, the most common counterparties that […]

A former top cybersecurity executive at WhatsApp filed a lawsuit on Monday alleging that parent company Meta disregarded internal flaws in the app’s digital defenses and exposed billions of its users. He says the company systematically violated cybersecurity regulations and retaliated against him for reporting the failures. Attaullah Baig, who served as head of security for WhatsApp from 2021 to 2025, […]

Corporate strategy will need to take these potential issues into account, both by shielding who owns the data and by preventing AI from becoming a security breach. It was one of the viral tech news stories at the start of July when WeTransfer, the popular file sharing service used massively by companies and end users […]