Cybersecurity regulations are facing a tipping point. There are too many and they are too complex to manage – and it’s getting worse. The post Cyber Insights 2025: Cybersecurity Regulatory Mayhem appeared first on SecurityWeek.

Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool. The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek.

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.  The post Building Automation Protocols Increasingly Targeted in OT Attacks: Report appeared first on SecurityWeek.

UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. […]

New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state’s cybersecurity regulations, leading to a 2022 data breach. […]

A Travers’ beaked whale (Mesoplodon traversii) washed ashore in New Zealand, and scientists conlcuded that “the prevalence of squid remains [in its stomachs] suggests that these deep-sea cephalopods form a significant part of the whale’s diet, similar to other beaked whale species.” Blog moderation policy.

Zyxel is warning that a bad security signature update is causing critical errors for USG FLEX or ATP Series firewalls, including putting the device into a boot loop. […]

Microsoft has reminded Windows administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, 90 days from now. […]

Security researchers have discovered an arbitrary account takeover flaw in Subaru’s Starlink service that could let attackers track, control, and hijack vehicles in the United States, Canada, and Japan using just a license plate. […]