If you are recruiting for a Field CISO, Field CTO, etc., or are looking to leverage a resource at your company in one of these roles, what are some things you should be aware of? The post What Makes a Great Field CXO: Lessons from the Front Lines appeared firstRead More »What Makes a Great Field CXO: Lessons from the Front Lines
Jewett-Cameron Company says hackers stole sensitive information and are threatening to release it unless a ransom is paid. The post Fencing and Pet Company Jewett-Cameron Hit by Ransomware appeared first on SecurityWeek.
Interesting article on people with nonstandard faces and how facial recognition systems fail for them. Some of those living with facial differences tell WIRED they have undergone multiple surgeries and experienced stigma for their entire lives, which is now being echoed by the technology they are forced to interact with.Read More »Failures in Face Recognition
The Critical Patch Update contains 374 new security patches that resolve many vulnerabilities. The post Oracle Releases October 2025 Patches appeared first on SecurityWeek.
Executive summary From August 26 to 27, 2025, BetterBank, a decentralized finance (DeFi) protocol operating on the PulseChain network, fell victim to a sophisticated exploit involving liquidity manipulation and reward minting. The attack resulted in an initial loss of approximately $5 million in digital assets. Following on-chain negotiations, the attackerRead More »Deep analysis of the flaw in BetterBank reward logic
The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods. But more recent guidance shows our focus should be on password length, rather than complexity. Length is the more importantRead More »Why You Should Swap Passwords for Passphrases
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed atRead More »Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Participants exploited 34 previously unknown vulnerabilities to hack printers, NAS devices, and smart home products. The post Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 appeared first on SecurityWeek.
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in lateRead More »TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Envoy Air, subsidiary of American Airlines, experienced a cyberattack.
