IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system.

20 hours ago - Hackers stole names, addresses, Social Security numbers, ID numbers, and medical and health insurance information from Aflac’s systems.

Brent Dirks, Security Today editor, sits down with Matthew Netardus from Hanwha Vision America to talk more about access control.

Its latest cybersecurity acquisition will help further ServiceNow's plans for autonomous cybersecurity and building a security stack to proactively manage AI.

Organizations have a new resource to map AI considerations onto NIST’s most famous security blueprint.

Online black markets once lurked in the shadows of the dark web. Today, they’ve moved onto public platforms like Telegram—and are racking up historic illicit fortunes.

For more security reporting and resources, see our features. Subscribe to the SM7 Newsletter and receive the seven key security stories, delivered weekly.

AllEmerging InnovationIndustry NewsIT ModernizationLatest From GAOLatest From the Inspector GeneralPeople on the Move ... Why the Homeland Security Workforce Must Learn to “Play Games” to Prepare for 21st-Century Threats

1 week ago - Secure .gov websites use HTTPS A lock () or https:// means you’ve safely connected to the .gov website.

According to Satnam Narang at Tenable, ... and the third time it has done so since its inception. The zero-day flaw patched today is CVE-2025-62221, a privilege escalation vulnerability affecting Windows 10 and later editions....

2 days ago - Apache StreamPipes has released an urgent security advisory addressing CVE-2025-47411, a critical privilege escalation vulnerability affecting versions 0.69.0 through 0.97.0.

1 week ago - Chairman of the House Committee on Homeland Security U.S. Rep. Andrew Garbarino, R-N.Y., talks to Secretary of Homeland Security Kristi Noem prior to a hearing in the Cannon House Office Building on Dec.

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

1 week ago - Read the latest news and investigative reporting on security today, including cybersecurity, breaches, hacks and cyberattacks around the globe.

2 days ago - LegalcategorySouth Korea online retailer Coupang faces US securities class action over massive data breach

2 days ago - The Hacker News · Govt., Critical Infrastructure December 26, 2025 · The FCC has announced a ban on foreign-made drones and critical components, citing national security risks. This decision is grounded in the 2025 National Defense Authorization ...

November 25, 2025 - Today’s Cloud and Container Misconfigurations Are Tomorrow’s Critical Vulnerabilities · The AI-fication of Cyberthreats: Trend Micro Security Predictions for 2026

17 hours ago - The Department of War provides the military forces needed to deter war and ensure our nation's security.

3 days ago - CISO for Continental Europe Javier Checa sheds light on the credit reporting agency’s cybersecurity progress since the major security breach that marked ‘a watershed moment in everything related to cybersecurity.’ · By Esther Macías · Dec 31, 202513 mins · CSO and CISOFinancial Services IndustrySecurity · Feature · By John Edwards · Dec 30, 20257 mins · ComplianceIncident ResponseSecurity Practices · Feature · By Lucian Constantin · Dec 29, 20257 mins · Artificial IntelligenceRisk ManagementThreat and Vulnerability Management · News ·

This Emergency Directive requires agencies to analyze the content of exfiltrated emails, reset compromised credentials, and take additional steps to ensure authentication tools for privileged Microsoft Azure accounts are secure.