
Articles
-
1 week ago |
thecyberexpress.com | Ashish Khaitan
A newly disclosed vulnerability, tracked as CVE-2025-27522, has been discovered in Apache InLong, a widely used real-time data streaming platform. The Apache InLong vulnerability introduces the potential for remote code execution (RCE). The vulnerability affects Apache InLong versions 1.13.0 through 2.1.0, making a wide range of deployments potentially vulnerable.
-
1 week ago |
thecyberexpress.com | Ashish Khaitan
Apple, in its latest App Store fraud analysis, revealed that the company prevented more than $2 billion in potentially fraudulent transactions in 2024 alone. This contributes to a staggering total of $9 billion in fraudulent activities thwarted since 2019. With more than 813 million visitors weekly and active operations in 175 regions, maintaining the platform’s integrity requires Apple to protect its users and upgrade defenses. Here is a quick breakdown of the 2024 Apple App Store fraud analysis.
-
1 week ago |
thecyberexpress.com | Ashish Khaitan
Nova Scotia Power has confirmed it was the victim of a ransomware attack, weeks after initially alerting customers to a cybersecurity breach. The utility, owned by Emera Inc., revealed that the attack resulted in a data breach impacting approximately 280,000 customers—but emphasized it has not paid the ransom demanded by the attackers. The Nova Scotia cyberattack, which began around March 19, 2025, was first made public on April 28.
-
1 week ago |
thecyberexpress.com | Ashish Khaitan
Five major banking associations have formally petitioned the U.S. Securities and Exchange Commission (SEC) to repeal a rule that mandates public companies to disclose material cybersecurity incidents within four business days. The organizations argue that the rule, particularly the reporting requirement under Form 6-K for foreign issuers and Form 8-K Item 1.05 for domestic issuers, poses unnecessary risks and fails to serve its intended purpose of investor protection.
-
2 weeks ago |
thecyberexpress.com | Ashish Khaitan
Cloudflare has alerted users of a security vulnerability—tracked as CVE-2025-4366—in the widely used Pingora OSS framework. This vulnerability, a request smuggling flaw, was discovered by a security researcher while testing exploits against Cloudflare’s Content Delivery Network (CDN) free tier, which utilizes Pingora to serve cached assets.
Try JournoFinder For Free
Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.
Start Your 7-Day Free Trial →