Best of 2025

database, Real-time, data, data governance, concentric, ai, AWS, amazon, cloud, security, tools, Bedrock, data security, data breach, third parties, searchlight, data, AWS, Amazon, cloud security, just-in-time, security, Snyk, cloud, data, data lake, data, cloud storage, next-generation, cloud-native, cloud security, organizations, endpoint data Trend Micro

Best of 2025: Survey: Nearly Half of Data Breaches Involved Third-Party Remote Access

Michael Vizard | December 26, 2025 | AI, Cybersecurity, Data breaches, third party data breaches

A survey of 1,942 IT and IT security practitioners finds nearly half (47%) work for organizations that have experienced a data breach or cyberattack in the past 12 months that involved a ...

Security Boulevard

Best of 2025: Oracle Hack: From ‘Deny-Deny-Deny’ to ‘Oops-Oops-Oops’

Richi Jennings | December 26, 2025 | CVE-2021-35587, Larry Ellison, OCI, Oracle, Oracle Access Manager, Oracle Classic, Oracle cloud, Oracle Cloud Classic, Oracle Cloud infrastructure, Oracle Fusion Cloud, rose87168, SB Blogwatch

Classic “wordplay:” Larry’s PR angels desperately dance on the head of a pin ...

Security Boulevard

Best of 2025: New Akira Ransomware Decryptor Leans on Nvidia GPU Power

Jeffrey Burt | December 25, 2025 | Akira ransomware, Nvidia RTX 4090 GPU, ransomware decryptor

A software programmer developed a way to use brute force to break the encryption of the notorious Akira ransomware using GPU compute power and enabling some victims of the Linux-focused variant of ...

Security Boulevard

Best of 2025: UNC6395 and the Salesloft Drift Attack: Why Salesforce OAuth Integrations are a Growing Risk

Chad Knipschild, Director of Product Marketing, AppOmni | December 25, 2025 | AppOmni

A recent UNC6395 Salesloft Drift breach reveals Salesforce SaaS risks. Learn how to simplify breach detection, prevention, and visibility. The post UNC6395 and the Salesloft Drift Attack: Why Salesforce OAuth Integrations are ...

AppOmni

Vladimir Vladimirovich Putin (caricature)

Best of 2025: Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’

Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources  say. Gaskar Group, Russian designer of drones plaguing Ukraine’s skies, is in utter disarray. Or, at least, ...

Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

Or Yair | December 24, 2025

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability (CVE-2024-49112). The post LDAPNightmare: SafeBreach Labs Publishes First ...

Security Boulevard

GTT, Palo alto, Versa, SASE, secure, SASE, market, vendors, data, security, confidence, SASE, network penetration F5

Best of 2025: Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)

Tenable Security Response Team | December 23, 2025

10Critical 147Important 0Moderate 0Low Microsoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five ...

Tenable Blog

healthcare, information, health care cybersecurity ransomware

Best of 2025: Blue Shield of California Data Breach Exposes 4.7M Members’ Info

Gopal Ghelot | December 23, 2025 | Data breach, SBN News

Discover the Blue Shield of California data breach affecting 4.7M members. Learn about the risks and essential security measures to protect your data ...

MojoAuth – Go Passwordless

sentinelone, threats, cybersecurity, threats, business, Aeza, Russia, cybersec, threats, OpenText, threat, Google, threats, critical, infrastructure, ITDR, organizations, cybersecurity posture, infrastructure, threat-hunting program. threat hunting, teams, intelligence, Edge Devices data threats IT cybersecurity defense attack alerts machine identity management insider threats security phishing Cybersecurity Threats on the Rise

Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats

Veriti Research | December 22, 2025 | Blog, research

The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and evade detection. The Veriti Research team analyzed these chat logs, ...

VERITI

cyber insurers, CaaS, insurance, AI-related, security, insurance, cybersecurity, cyber insurance, cybersecurity, insurance

Best of 2025: Scattered Spider Targets Aflac, Other Insurance Companies

Jeffrey Burt | December 22, 2025 | cyberattacks, Insurance Industry, Remote Access Trojan (RAT), scattered spider

Fresh off a series of recent attacks targeting major retail companies in the United States and the UK, the notorious Scattered Spider cybercrime group is now targeting insurance companies, and earlier this ...

Security Boulevard

Best of 2025

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On