PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All …
The legal blind spot of shadow IT
Shadow IT isn’t just a security risk, it’s a legal one. When teams use unsanctioned tools, they can trigger compliance violations, expose sensitive data, or break contracts. …
Email authentication simplified: How PowerDMARC makes DMARC effortless
Email is still the top way attackers get into organizations. Now, big players like Google, Yahoo, and Microsoft are cracking down. They’re starting to require email …
The C-suite gap that’s putting your company at risk
New research from EY US shows that cyber attacks are creating serious financial risks. C-suite leaders don’t always agree on how exposed their companies are or where the …
What school IT admins are up against, and how to help them win
School IT admins are doing tough, important work under difficult conditions. From keeping Wi-Fi stable during exams to locking down systems from phishing emails, their job is …
Compliance weighs heavily on security and GRC teams
Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented …
Oracle releases Unbreakable Enterprise Kernel 8 (UEK 8)
Oracle has released version 8 of its Unbreakable Enterprise Kernel (UEK), a custom Linux kernel built for Oracle Linux. UEK 8 includes updates to memory management, better …
Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, …
Cybercriminals blend AI and social engineering to bypass detection
Attackers are focusing more on stealing identities. Because of this, companies need to use zero trust principles. They should also verify user identities more carefully, says …
Cyber threats now a daily reality for one in three businesses
Businesses are losing out on an average of $98.5 million a year as a consequence of cyber threats, fraud, regulatory hurdles and operational inefficiencies, according to …
Why CISOs are watching the GenAI supply chain shift closely
In supply chain operations, GenAI is gaining traction. But according to Logility’s Supply Chain Horizons 2025 report, many security leaders remain uneasy about what that means …
Week in review: LLM package hallucinations harm supply chains, Nagios Log Server flaws fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, …