Microsoft says you don’t need another email security tool; experts say, not so fast

New benchmark claims Microsoft Defender catches nearly all malicious email on its own, with integrated third-party tools improving detections by less than 1%, but security experts say these numbers...

Cyberattack sees crops kept in the ground

Bitter harvest for Australia's Mackay Sugar, attacked in peak cane crushing season

Zero trust isn’t broken. Most companies just do it wrong.

There are plenty of myths, mistakes, and misconceptions around zero-trust network access. Here’s how to avoid them.

Python dev saved from disaster by intuition...and AI

I'm sorry, Dave. I can't install that repo that will totally hose your system.

Three critical Fortinet sandbox bugs splattered by unknown attackers

All have patches, so make sure you upgrade to a fixed version

Crooks found a new way to collaborate using Teams – by hiding command-and-control traffic

Custom malware routed communications through legitimate Microsoft services, making malicious activity look like routine corporate collaboration

China-linked hackers target US, Canada research using legacy REDCap exploits

Attackers hijacked REDCap upgrade processes to plant malware and spy on academic, healthcare, and defense research networks.

Cardiac monitor maker's security skips a beat as data thieves go for the jugular

Attackers used social engineering to access third-party business apps and steal patient information

Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models

A group of cybersecurity executives and experts is asking the Trump administration to lift its directive preventing the use of Anthropic’s latest artificial intelligence models by foreign nationals,...

Cisco patches SD-WAN flaw amid evidence of active exploitation

Cisco’s advisory renews attention on SD-WAN management systems that control how enterprises connect sites to cloud environments and critical applications.

Microsoft site throwing warnings after someone forgot to renew cert

Connectivity checker trips browser alarms thanks to lapsed security paperwork

Feds snooze as US datacenter law set to lapse with no replacement in site

Federal Data Center Enhancement Act (FDCEA) of 2023 covers standards including security and sustainability

Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher

According to the one person who actually read the research paper

Attackers can turn AI agent guardrails into denial-of-service weapons

Researchers say a single poisoned document could slow AI agent systems by up to 148× and turn AI safety controls into an enterprise weak spot.

Microsoft Defender email security benchmarking: Key insights from one year of data | Microsoft...

See how Microsoft Defender performed in one year of real-world email security benchmarking against SEG and ICES vendors.

Cisco SD-WAN make-me-root bug under attack

Second Catalyst SD-WAN Manager flaw exploited as an 0-day this month

Google Cloud Blog

Council of Europe hacked in ShinyHunters' PeopleSoft heist

Joins the ranks of Nottingham Uni and 100 other unnamed victims