Blog

New EU Vulnerability Database Will Complement Existing Sources, At Least For Now
With the CVE program famously facing funding difficulties, the EU has chosen an opportune time to roll out its new European Vulnerability Database. But, at least for the near term, the database looks to be leaning on the CVE database and other sources and acting as a complement rather than a potential replacement.

Will the LockBit Ransomware Group’s Data Breach Finally Finish It Off?
LockBit ransomware has certainly not gone away as a threat; the data breach shows that the group communicated with victims over 4,000 times just between December 2024 and April 2025, and that it still has around 75 affiliates.

Security Breach of Messaging App Clone Raises Questions About U.S. Government Communications
An alternative version of the Signal messaging app that was thought to be safe enough for high-level U.S. government officials has suspended service indefinitely after a security breach, and the incident has raised serious questions about how confidential and classified communications are being handled.

String of Attacks on UK IT Help Desks Tied to Repeatable Social Engineering Approach
Marks & Spencer and Co-op had reported that their IT help desks were convinced by a caller to reset an employee password. DragonForce has claimed credit for the attacks, all of which impacted major UK retailers, including Harrods.

Microsoft Makes the First Move Toward a Passwordless Future
A desire to replace the password as the world’s default authentication method has been circulating in the tech world for some time, but there have been almost no moves to force the issue to date. That has changed with Microsoft’s new passwordless policy for new accounts, though it is still far from the “death of the password.”

AI Emerges as Panacea for Third-Party Security Issues, but Chase CISO Warns It Won’t Save SaaS Models
Organizations also increasingly can’t avoid SaaS models, and sometimes are even stuck with those that do not have a satisfactory security track record. That substantially increases the broader risk of some sort of major catastrophe that could harm an entire national economy stemming from just one third-party security breach.

New Prompt Injection Attack Compromises All AI Models
All of the big LLMs are vulnerable to a new type of prompt injection attack that targets their safety policies, according to security firm HiddenLayer. The attack essentially fully jailbreaks the AI models, exposing the system prompt as well as enabling all different types of dangerous requests.

75 Zero-Days Exploited in the Wild in 2024, Spyware Remains Common
When it comes to zero-days and spyware, China and North Korea’s hacking teams head up the leaderboard with five 2024 incidents each. Russia had three, and South Korea one; another three were likely the work of APT groups but a specific nation was not pinned down.

California Health Insurance Provider Blue Shield’s Misconfiguration Exposed Most of Its Customer Health Data to Google Ad Network for 3 Years
The size of the health insurance breach, 4.7 million of about 6 million Blue Shield California customers, is not the only point of concern. The breach window was reportedly open from April 2021 to January 2024, nearly three continuous years. And the loss of health data was also only detected in February of this year.

Verizon’s 2025 DBIR Finds Major Spikes in Third-Party Cyber Attacks, Exploitation of Edge Devices
Of all the cyber attacks examined in the 2025 DBIR, 22% kicked off with credential abuse. Vulnerability exploitation has been making a strong push to take the lead over the last two years, however, with its most recent surge putting it at 20% (and ahead of phishing at 16%).