2025

Wanted: Junior cybersecurity staff with 10 years’ experience and a PhD

Infosec employers demanding too much from early-career recruits, says ISC2 Cybersecurity hiring managers need a reality check when it comes to hiring junior staff, with job adverts littered with unfair expectations that are hampering recruitment efforts, says industry training and cert issuer ISC2.…

Slapped wrists for Financial Conduct Authority staff who emailed work data home

It was one of the offenders' final warning Four staffers at the UK's Financial Conduct Authority (FCA) were let off with warnings over separate cases involving the transmission of regulator data to their personal email accounts.…

Ransomware scum disrupted utility services with SimpleHelp attacks

Good news: The vendor patched the flaw in January. Bad news: Not everyone got the memo Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and management (RMM) tool, according to a Thursday CISA…

‘Major compromise’ at NHS temping arm exposed gaping security holes

Incident responders suggested sweeping improvements following Active Directory database heist Exclusive  Cybercriminals broke into systems belonging to the UK's NHS Professionals body in May 2024, stealing its Active Directory database, but the healthcare organization never publicly disclosed it, The Register can reveal.…

DeepSeek installer or just malware in disguise? Click around and find out

'BrowserVenom' is pure poison Suspected cybercriminals have created a fake installer for Chinese AI model DeepSeek-R1 and loaded it with previously unknown malware called "BrowserVenom".…

Hire me! To drop malware on your computer

FIN6 moves from point-of-sale compromise to phishing recruiters In a scam that flips the script on fake IT worker schemes, cybercriminals posing as job seekers on LinkedIn and Indeed are targeting recruiters - a group hated only slightly less than digital crooks - with malware hosted on phony…

Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

The 16 other flagged issues are on customers, says CRM giant Salesforce has assigned five CVE identifiers following a security report that uncovered more than 20 configuration weaknesses, some of which exposed customers to unauthorized access and session hijacking.…

Asia dismantles 20,000 malicious domains in infostealer crackdown

Interpol coordinates operation, nabs 32 across Vietnam, Sri Lanka, and Nauru Thirty-two people across Asia have been arrested over their suspected involvement with infostealer malware in the latest international collaboration against global cybercrime.…

Analysis to action: Operationalizing your threat intelligence

Timing is everything in the war against ransomware thieves, says Prelude Security Partner content  When a new security advisory drops or an alarming new ransomware campaign makes the news, the question from leadership inevitably follows: "Are we covered?"…

Microsoft slows Windows 11 24H2 Patch Tuesday due to a ‘compatibility issue’

On your marks, get set... bork! Microsoft has set a new record with June's security update for the time between release and an admission of borkage.…

Copyright © 2026 Lugapel