On Monday, the International Criminal Court (ICC) announced that it’s investigating a new “sophisticated” cyberattack that targeted its systems last week. […]
US disrupts North Korean IT worker “laptop farm” scheme in 16 states
The U.S. Department of Justice (DoJ) announced coordinated law enforcement actions against North Korean government’s fund raising operations using remote IT workers. […]
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension verification process, ultimately enabling attackers to execute malicious code on developer machines.
“We discovered that flawed verification checks in Visual Studio Code allow publishers to add functionality
“We discovered that flawed verification checks in Visual Studio Code allow publishers to add functionality
Esse Health says recent data breach affects over 263,000 patients
Esse Health, a healthcare provider based in St. Louis, Missouri, is notifying over 263,000 patients that their personal and health information was stolen in an April cyberattack. […]
Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’
CISA has informed organizations about critical authentication bypass and remote code execution vulnerabilities in Microsens NMP Web+.
The post Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’ appeared first on SecurityWeek.
LevelBlue to Acquire Trustwave to Create Major MSSP
LevelBlue has announced plans to acquire Trustwave to create the largest pure-play managed security services provider (MSSP).
The post LevelBlue to Acquire Trustwave to Create Major MSSP appeared first on SecurityWeek.
Johnson Controls starts notifying people affected by 2023 breach
Building automation giant Johnson Controls is notifying individuals whose data was stolen in a massive ransomware attack that impacted the company’s operations worldwide in September 2023. […]
A New Maturity Model for Browser Security: Closing the Last-Mile Risk
Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser.
It’s where 85% of modern work now happens. It’s also where copy/paste actions, unsanctioned GenAI usage, rogue extensions, and personal devices create a risk surface that most security stacks weren’t designed to handle. For security leaders who know
It’s where 85% of modern work now happens. It’s also where copy/paste actions, unsanctioned GenAI usage, rogue extensions, and personal devices create a risk surface that most security stacks weren’t designed to handle. For security leaders who know
Google fixes fourth actively exploited Chrome zero-day of 2025
Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. […]
263,000 Impacted by Esse Health Data Breach
Esse Health says the personal information of over 263,000 individuals was stolen in an April 2025 cyberattack.
The post 263,000 Impacted by Esse Health Data Breach appeared first on SecurityWeek.