2025

Infosec pros tell Trump to quit bullying Chris Krebs – it’s undermining security

Top voices warn that political retaliation puts democracy and national defense at risk

The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying.…

China is using AI to sharpen every link in its attack chain, FBI warns

Artificial intelligence is helping Beijing's goons break in faster and stay longer

RSAC: The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: "China."…

The one interview question that will protect you from North Korean fake workers

FBI and others list how to spot NK infiltrators, but AI will make it harder

RSAC: Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least.…

From 112K to 4M folks’ data – HR biz attack goes from bad to mega bad

It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands

Houston-based VeriSource Services' long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few…

Back online after ‘catastrophic’ attack, 4chan says it’s too broke for good IT

Image board hints that rumors of a poorly maintained back end may be true

Clearweb cesspit 4chan is back up and running, but says the damage caused by a cyberattack earlier this month was "catastrophic."…

Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025

Redmond reckons $1.50/core/month hotpatch service is worth it to avoid eight Patch Tuesday scrambles each year

Microsoft has announced that its preview of hotpatching for on-prem Windows Server 2025 will become a paid subscription service in July.…

Samsung admits Galaxy devices can leak passwords through clipboard wormhole

PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more!

Infosec in brief: Samsung has warned that some of its Galaxy devices store passwords in plaintext.…

Signalgate lessons learned: If creating a culture of security is the goal, America is screwed

Infosec is a team sport … unless you're in the White House

Opinion: Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that puts American critical infrastructure, national security, and troops' lives in danger.…

Amid CVE funding fumble, ‘we were mushrooms, kept in the dark,’ says board member

What next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global future

Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE) program and member of the board, learned through social media that the system he helped create was just hours away from…

More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans

GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures

Ivanti VPN users should stay alert as IP scanning for the vendor's Connect Secure and Pulse Secure systems surged by 800 percent last week, according to threat intel biz GreyNoise.…
