1+ hour, 37+ min ago  (163+ words) Ericsson data breach exposes employee and customer information | brief | SC Media'SC Media Ericsson data breach exposes employee and customer information Per Bleeping Computer, Ericsson Inc., the U.S. subsidiary of the Swedish telecommunications giant, has confirmed a data breach affecting an undisclosed…...

1+ hour, 51+ min ago  (758+ words) COMMENTARY: The cybersecurity industry has spent decades perfecting the art of catching the "human in the loop." We look for the disgruntled employee, the phishing link, the vulnerable package, the nation-state actor, or the opportunistic script kiddie. In the last…...

17+ hour, 30+ min ago  (182+ words) Massive GitHub, DockerHub private key leaks impact corporations, governments'SC Media Massive GitHub, DockerHub private key leaks impact corporations, governments More than 900 of 2,622 active and valid TLS certificates matched with private keys inadvertently exposed on GitHub and DockerHub are used by…...

17+ hour, 48+ min ago  (254+ words) Velvet Tempest uses ClickFix for DonutLoader and CastleRAT deployment'SC Media Velvet Tempest uses ClickFix for DonutLoader and CastleRAT deployment Ransomware threat actors known as Velvet Tempest are employing the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware…...

17+ hour, 39+ min ago  (140+ words) IT Brief Australia reports that Delinea has completed the acquisition of StrongDM, integrating the universal access management vendor into its identity security platform to address the growing challenges of non-human identities and agentic AI. The platform will provide real-time access…...

23+ hour, 11+ min ago  (220+ words) A new white paper, "From audit readiness to operational assurance," developed from a CyberRisk Collaborative (CRC) Member Briefing sponsored by RegScale, explores how the gap between perception and execution defines the current maturity divide in cybersecurity governance. These activities confirm…...

3+ day, 19+ hour ago  (446+ words) The Cybersecurity and Infrastructure Security Agency (CISA) added three Apple flaws identified as part of the Coruna exploit kit to its Known Exploited Vulnerabilities (KEV) catalog Thursday. Google Threat Intelligence Group (GTIG) and iVerify both published reports about the iOS…...

3+ day, 20+ hour ago  (84+ words) Iran vs Everyone: 2FA-Bypass Phish, APT41 Drive, iOS 0days, Josh Marpet, and More " SWN #561SC Media Iran vs Everyone: 2FA-Bypass Phish, APT41 Drive, iOS 0days, Josh Marpet, and More on the Security Weekly News Security Weekly listeners save $100 on their RSAC 2026 All Access Pass! RSAC…...

4+ day, 1+ hour ago  (170+ words) Wikimedia Foundation hit by JavaScript worm; editing restricted | brief | SC Media'SC Media Wikimedia Foundation hit by JavaScript worm; editing restricted Coverage from Bleeping Computer indicates that the Wikimedia Foundation experienced a significant security incident involving a self-propagating JavaScript worm that…...

4+ day, 18+ hour ago  (193+ words) Bing-boosted fake OpenClaw installers deliver infostealers, GhostSocks malware | brief | SC Media'SC Media Bing-boosted fake OpenClaw installers deliver infostealers, GhostSocks malware Multiple information-stealing payloads and the GhostSocks proxy malware have been distributed by bogus GitHub-hosted installers for the popular open-source AI…...