IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system.

1 day ago - Hackers stole names, addresses, Social Security numbers, ID numbers, and medical and health insurance information from Aflac’s systems.

Brent Dirks, Security Today editor, sits down with Matthew Netardus from Hanwha Vision America to talk more about access control.

Breaking cybersecurity news, news analysis, commentary, and other content from around the world.

Online black markets once lurked in the shadows of the dark web. Today, they’ve moved onto public platforms like Telegram—and are racking up historic illicit fortunes.

For more security reporting and resources, see our features. Subscribe to the SM7 Newsletter and receive the seven key security stories, delivered weekly.

AllEmerging InnovationIndustry NewsIT ModernizationLatest From GAOLatest From the Inspector GeneralPeople on the Move ... Why the Homeland Security Workforce Must Learn to “Play Games” to Prepare for 21st-Century Threats

1 week ago - Secure .gov websites use HTTPS A lock () or https:// means you’ve safely connected to the .gov website.

Organizations have a new resource to map AI considerations onto NIST’s most famous security blueprint.

1 day ago - Apache StreamPipes has released an urgent security advisory addressing CVE-2025-47411, a critical privilege escalation vulnerability affecting versions 0.69.0 through 0.97.0.

1 week ago - Chairman of the House Committee on Homeland Security U.S. Rep. Andrew Garbarino, R-N.Y., talks to Secretary of Homeland Security Kristi Noem prior to a hearing in the Cannon House Office Building on Dec.

John Eccleshare, Head of Information Security at bet365, explains how security has evolved from enforcing rules to fostering relationships ... A coordinated wave of fake online job ads targeting the Middle East and North Africa has been uncovered, exploiting remote work trends ... Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

1 day ago - The Hacker News · Govt., Critical Infrastructure December 26, 2025 · The FCC has announced a ban on foreign-made drones and critical components, citing national security risks. This decision is grounded in the 2025 National Defense Authorization ...

According to Satnam Narang at Tenable, ... and the third time it has done so since its inception. The zero-day flaw patched today is CVE-2025-62221, a privilege escalation vulnerability affecting Windows 10 and later editions....

November 25, 2025 - Today’s Cloud and Container Misconfigurations Are Tomorrow’s Critical Vulnerabilities · The AI-fication of Cyberthreats: Trend Micro Security Predictions for 2026

2 days ago - The Department of War provides the military forces needed to deter war and ensure our nation's security.

3 days ago - Security · news · Le Monde Informatique reports that it is a DDoS attack. By Viktor Eriksson · Dec 23, 2025 1 min · CyberattacksCybercrimeSecurity · news · The method is used by both Russian and Chinese hackers. By Mikael Markander · Dec 23, 2025 1 min ·

1 week ago - Read the latest news and investigative reporting on security today, including cybersecurity, breaches, hacks and cyberattacks around the globe.

1 day ago - LegalcategorySouth Korea online retailer Coupang faces US securities class action over massive data breach

This Emergency Directive requires agencies to analyze the content of exfiltrated emails, reset compromised credentials, and take additional steps to ensure authentication tools for privileged Microsoft Azure accounts are secure.