Network SecurityMicrosoft fixes 66 bugs in latest Patch Tuesday, 10 rated ‘critical’Shaun NicholsJune 10, 2025Two of the flaws have a CVSS score of 8.8, with one under active exploitation.
Network SecurityThousands of organizations at risk by Salesforce Industry Cloud bugsSteve ZurierJune 10, 2025Five zero-days, 15 misconfigurations could impact businesses using Salesforce services.
PhishingFacebook malvertising reveals 4K domains spoofing 68 brandsLaura FrenchJune 10, 2025The Meta Ad Library does not retain all inactive ads, hindering analysis.
IdentityTrump executive order alters Biden-era cybersecurity regulationsShaun NicholsJune 10, 2025Order could have a ripple effect on private-sector identity management for contractors.
Threat IntelligenceComplex npm attack uses 7-plus layers of obfuscation to spread Pulsar RATLaura FrenchJune 9, 2025The package uses Japanese Unicode characters, hex encoding, Base64 and more to hide its actions.
Critical Infrastructure SecurityFailed attack on SentinelOne reveals campaign by China-linked groupsSteve ZurierJune 9, 2025Case underscores that security vendors at risk of attack, as are other industries.
Application securityFake npm utilities remotely delete entire app directoriesLaura FrenchJune 6, 2025The malicious packages create backdoor endpoints and act as wipers when activated.
Application securityChrome extensions transmit sensitive data over HTTP, leak API keysSteve ZurierJune 6, 2025Security pros warn that the leaked data could be used to launch profiling, phishing, or other targeted attacks.
Threat Intelligence0-click exploitation of iMessage nickname feature revealedLaura FrenchJune 5, 2025The now-resolved issue was potentially used to target high-profile individuals, researchers say.
IdentitySecuring AI agent identities crucial to enterprises, says research firmKaren "Pepper" HoffmanJune 5, 2025Agentic identity and security platforms (AISP) are quickly becoming the standard for security, says Aragon Research.
