Cyber Due Diligence
Gemini Enterprise No-Click Flaw Exposes Sensitive Data
Google has fixed a critical vulnerability that enabled attackers to add malicious instructions to common documents to exfiltrate sensit...
Apache Issues Max-Severity Tika CVE After Patch Miss
The Apache Software Foundation's earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting an updated ...
Exploitation Activity Ramps Up Against React2Shell
Attacks against CVE-2025-55182, which began almost immediately after public disclosure last week, have increased as more threat actors ...
US Treasury Tracks $4.5B in Ransom Payments since 2013
The US Treasury's Financial Crimes Enforcement Network shared data showing how dramatically ransomware attacks have changed over time.
‘Broadside’ Mirai Variant Targets Maritime Logistics Sector
"Broadside" is targeting a critical flaw in DVR systems to conduct command injection attacks, which can hijack devices to achieve persi...
Rust Code Delivers Better Security, Also Streamlines DevOps
Software teams at Google and other Rust adopters see safer code when using the memory-safe language, and also fewer rollbacks and less ...
India Rolls Back App Mandate Amid Surveillance Concerns
Remember when Apple put that U2 album in everyone's music libraries? India wanted to do that to all of its citizens, but with a cyberse...
Threat Landscape Grows Increasingly Dangerous for Manufacturers
Manufacturers are the top target for cyberattacks in 2025 because of their still-plentiful cybersecurity gaps and a lack of expertise.
React2Shell Vulnerability Under Attack From China-Nexus Groups
A maximum-severity vulnerability affecting the React JavaScript library has been exploited in the wild, further stressing the need to p...
CISOs Should Be Asking These Quantum Questions Today
As quantum quietly moves beyond lab experiment and into production workflows, here's what enterprise security leaders should be focused...