The EU Cyber Resilience Act represents the most significant shift in product security requirements in a generation. Starting September 11, 2026, manufacturers must report actively exploited vulnerabilities to EU authorities within 24 hours of becoming aware of them.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
The integration of AI into cybersecurity has evolved significantly. Initially, AI assistants primarily supported threat research and rapid intelligence processing,...
A phishing campaign by state-sponsored Iranian hackers has targeted over 100 government entities and other organizations with version 4 of the Phoenix malware backdoor.
Google issued an explanatory series of posts on X outlining that there were no new passwords stolen, and that any legitimate credentials came from an assortment of prior data breaches stretching back years that have been circulating on underground forums. Much of the collection was built via infostealer malware.
An FIA data breach has exposed the sensitive personal information of F1 drivers, including government-issued IDs, after a group of security researchers breached the sporting body’s Driver Categorisation portal.
Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day vulnerability CVE-2025-61882 in Oracle’s E-Business Suite software.
Japanese minimalist retailer Muji was forced to shut down its online stores after a ransomware attack hit its logistics partner, Askul, resulting in order cancelations.
The new CSC report warns that national cyber defense is "stalling" in most areas and "slipping" in some. Its central point of criticism is that only 35% of 82 recommendations that the commission made in 2020 have been fully implemented, with about 13% still facing barriers to progress and another 18% making progress but still distant from actual implementation.
Credit rating agency Experian's Netherlands branch has been assessed a €2.7 million (about $3.2 million) GDPR fine for improper collection of personal data, which was drawn from multiple public and private sources that data subjects were not necessarily aware of.
Europol has dismantled a large-scale SIM farm operation, arresting seven suspects and seizing 1,200 SIM-box devices containing 40,000 SIM cards registered across 80 countries.










