Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. […]
275M patient records breached—How to meet HIPAA password manager requirements
Healthcare led all industries in 2024 breaches—over 275M patient records exposed, mostly via weak or stolen passwords. See how the self-hosted password manager by Passwork helps providers meet HIPAA requirements, protect ePHI, and keep healthcare running. Try it free for 1 month. […]
Windows 11 23H2 Home and Pro reach end of support in November
Microsoft announced today that systems running Home and Pro editions of Windows 11 23H2 will stop receiving updates in three months. […]
New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.
“They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network,”
“They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network,”
1Kosmos Raises $57 Million for Identity Verification and Authentication Platform
1Kosmos has raised $57 million in Series B funding, which brings the total raised by the company to $72 million.
The post 1Kosmos Raises $57 Million for Identity Verification and Authentication Platform appeared first on SecurityWeek.
CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event)
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
The post CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared first on SecurityWeek.
Manpower discloses data breach affecting nearly 145,000 people
Manpower, one of the world’s largest staffing companies, is notifying nearly 145,000 individuals that their information was stolen by attackers who breached the company’s systems in December 2024. […]
SAP Patches Critical S/4HANA Vulnerability
SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities.
The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek.
Saint Paul cyberattack linked to Interlock ransomware gang
The mayor of Saint Paul, Minnesota’s capital city, has confirmed that the Interlock ransomware gang is responsible for a cyberattack that disrupted many of the city’s systems and services in July. […]
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions
Most security tools can’t see what happens inside the browser, but that’s where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already use and trust.
The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions
The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions