#in-house-security
#in-house-security

1 hour ago

Privacy professionals

Nightclub Giant RCI Hospitality Reports Data Breach

Remote teams

OPM seeks cybersecurity talent to join Tech Force

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromYahoo Tech

Privacy technologies

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Healthcare

fromBoston.com

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.

5 hours ago

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

CISA added six security flaws to its KEV catalog due to evidence of active exploitation.

1 hour ago

Nightclub Giant RCI Hospitality Reports Data Breach

RCI Hospitality Holdings reported a cybersecurity incident exposing sensitive personal information of independent contractors due to an IDOR vulnerability.

Remote teams

OPM seeks cybersecurity talent to join Tech Force

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Healthcare

fromBoston.com

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.

5 hours ago

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

CISA added six security flaws to its KEV catalog due to evidence of active exploitation.

In a Public Crisis, What You Prioritize Determines Whether You Execute or Stall

In a crisis, leaders must discern which voices matter to maintain control and focus on relevant stakeholders.

#ai-governance

13 hours ago

Fortune

AI agents operate autonomously, creating governance gaps and enterprise risk as organizations struggle to manage their authority and actions.

fromeLearning Industry

Custom AI Governance Services: The Missing Piece In Your L&D Strategy

Many L&D teams adopt AI tools without ensuring fairness, transparency, and accountability in their training programs.

13 hours ago

Fortune

AI agents operate autonomously, creating governance gaps and enterprise risk as organizations struggle to manage their authority and actions.

fromeLearning Industry

Custom AI Governance Services: The Missing Piece In Your L&D Strategy

Many L&D teams adopt AI tools without ensuring fairness, transparency, and accountability in their training programs.

The retention risk AI misses

Job-hopping is prevalent among younger workers, necessitating companies to continuously earn employee retention through purpose and growth.

#data-breach

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

20 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

20 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

fromwww.independent.co.uk

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

more#data-breach

UK news

Phone firms should use technology to stop children taking nudes, police chief says

Tech firms must enhance children's online safety by preventing the creation of nude images on their devices, according to law enforcement officials.

Education

School's Out, But Security's Not: Preparing for K-12 Summertime Security

Summer vacation does not reduce security threats in K-12 environments; instead, the nature of risks changes significantly.

#ai

fromwww.npr.org

US news

How AI is getting better at finding security holes

Information security

Runtime security becomes critical as AI accelerates threats

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromwww.theguardian.com

Information security

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

fromwww.npr.org

US news

How AI is getting better at finding security holes

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromwww.theguardian.com

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

SF politics

Politicians Are Spending More Money on Security as They Increasingly Become Targets

Federal campaign spending on security for the 2024 election cycle exceeds five times that of the 2016 election due to rising threats against public servants.

fromArs Technica

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

23 hours ago

Gym giant Basic-Fit breached with at least 1M affected

Basic-Fit has confirmed that around 200,000 members in the Netherlands had their data stolen in a recent cyberattack, with a total of about one million affected across six countries.

EU data protection

Careers

fromComputerWeekly.com

Businesses are paying the price for CISO burnout | Computer Weekly

Burnout among CISOs poses significant risks to businesses, driven by overwhelming responsibilities and rising cyber threats.

US news

Top Secret Clearance Holder Charged With Leaking Classified National Defense Information

Courtney Williams was arrested for allegedly sharing classified national defense information with unauthorized individuals, including a journalist, from 2022 to 2025.

1 hour ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.

Business intelligence

Beyond Locking Doors

Access control systems provide valuable data that enhances operational efficiency and decision-making beyond just security.

Remote teams

from3blmedia

Why Traditional Evacuation Plans Fall Short in Hybrid Work

Hybrid work complicates evacuation plans, creating gaps when designated safety personnel are absent, necessitating a shift to more inclusive safety strategies.

fromPrivacy International

21 hours ago

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

Podcast

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.

SF politics

New contract for background investigations raises concerns about scale and risk

DCSA is modernizing its Case Processing Operations Center to enhance background investigations and incorporate Continuous Vetting for national security.

Online Community Development

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

Is Crowdsourcing Your Security Plan a Career Risk?

Crowdsourcing security plans can damage credibility if not approached intentionally.

#physical-security

fromLondon Business News | Londonlovesbusiness.com

Physical Security in Global Arenas: How AI Improves Security at Scale

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

Business

Why UK businesses are taking physical security more seriously - London Business News | Londonlovesbusiness.com

Information security

10 Different Ways to Secure Your Business Premises

fromLondon Business News | Londonlovesbusiness.com

Physical Security in Global Arenas: How AI Improves Security at Scale

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

Business

Why UK businesses are taking physical security more seriously - London Business News | Londonlovesbusiness.com

Information security

10 Different Ways to Secure Your Business Premises

more#physical-security

Remote teams

Security contractor blew the whistle on shabby support crew

Brad, a security contractor, faced challenges with antivirus alerts while working in a labor hire company's office without proper IT support.

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.

CISA Flags Critical PTC Vulnerability That Had German Police Mobilized

CISA warns of a critical vulnerability in PTC's Windchill software, with potential for exploitation despite no current evidence of attacks.

2 hours ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.

CISA Flags Critical PTC Vulnerability That Had German Police Mobilized

CISA warns of a critical vulnerability in PTC's Windchill software, with potential for exploitation despite no current evidence of attacks.

more#cisa

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

Remote teams

fromCity AM

The Debate: Is employee tracking justified in the modern workplace?

Tracking junior employees' work hours ensures accountability and productivity, addressing issues of underreporting and resource allocation.

OpenAI replaces certificates following Axios incident

OpenAI renewed its macOS certificates as a precaution after a third-party tool vulnerability, though no user data was compromised.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

4 hours ago

OpenAI replaces certificates following Axios incident

OpenAI renewed its macOS certificates as a precaution after a third-party tool vulnerability, though no user data was compromised.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

more#openai

fromInfoWorld

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

fromBitcoin Magazine

17 hours ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

13 hours ago

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

16 hours ago

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

Miscellaneous

Rolling out AI? 5 security tactics your business can't get wrong - and why

AI's useful capabilities also make it exploitable, requiring professionals to balance security with competitive implementation through knowledge sharing, partnerships, and automation.

Cisco aims to make AI agents safer with proposed acquisition of Astrix

Cisco is pursuing an acquisition of Astrix Security to enhance its AI security capabilities.

fromMedCity News

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."

Information security

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

fromEntrepreneur

Information security

How to Keep Your Company's Data Out of the Wrong Hands

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

fromEntrepreneur

Information security

How to Keep Your Company's Data Out of the Wrong Hands

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Nine vulnerabilities in the Orthanc DICOM server allow attackers to crash servers, leak data, and execute arbitrary code remotely.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.

Information security

The biggest AI threats come from within - 12 ways to defend your organization

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.

Information security

The biggest AI threats come from within - 12 ways to defend your organization

more#ai-cybersecurity

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

#executive-protection

The Rising Tide of Executive Protection: Corporations Ramp Up Security in an Era of Heightened Threats

Companies are increasingly investing in executive protection due to rising threats, making it a strategic necessity for business continuity and resilience.

Information security

How to Safeguard Executives Through Proactive Planning and Managing Online Presence

The Rising Tide of Executive Protection: Corporations Ramp Up Security in an Era of Heightened Threats

Companies are increasingly investing in executive protection due to rising threats, making it a strategic necessity for business continuity and resilience.

more#executive-protection

Information security

How to Safeguard Executives Through Proactive Planning and Managing Online Presence

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

How to build an effective employee phishing training program in 2026

Effective employee phishing training programs focus on behavior change and continuous education to reduce security risks and improve reporting rates.

Discussing Use of Force in Security: A Challenging Discussion?

Use of force in security cannot be entirely avoided but should be deployed only as a last resort when lesser options fail, requiring comprehensive training in tactics, de-escalation, and legal authority.

Why Security Culture Metrics Matter More Than Dashboards

Traditional cybersecurity metrics create false confidence by masking hidden risks; culture metrics measuring employee engagement and responsiveness are essential for actual security effectiveness.

The Great Security Culture Shift: Building a Proactive Defense in an Era of Advanced Threats and Social Engineering

Hackers exploit DLL side-loading on trusted platforms like LinkedIn to deliver malware through seemingly legitimate file attachments, bypassing traditional security defenses and compromising entire corporate networks.

Enhancing Incident Response with Integrated Access Control and Video Verification

Integrated access control and video verification technology enhance incident response capabilities and operational resilience by providing situational clarity and enabling faster security action.

Five Top Tips for Building a Strong Security Culture

Building security into the framework of an organization prevents security from being seen as a barrier to daily activities. If an employee feels as if a security measure is inhibiting them from completing their daily tasks, they're far more likely to find a way around that measure. This can range from propping open a door to using the same easy-to-remember password for every account.

Information security

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.

Security Convergence and The Human Error

Human error causes the majority of data breaches, driven by skill- and decision-based mistakes, employee negligence, and basic security vulnerabilities like weak passwords.

Human-related security risks rose 90% in 2025

Human-related cybersecurity incidents surged 90% in 2025, driven by email-based attacks, employee mistakes, insider threats, and increasing AI and deepfake exploitation.