-
1 day ago | 
securitymagazine.com | Jordyn Alger
A financially motivated threat group called UNC6040 is being tracked by Google Threat Intelligence Group (GTIG). The group specializes in voice phishing (vishing) and focuses on compromising organizations’ Salesforce instances to enable data theft and extortion. Over the past few months, the group has demonstrated consistent success in breaching networks by impersonating IT support personnel in telephone calls.
-
1 day ago | 
securitymagazine.com | Jordyn Alger
Prowler’s State of Cloud Security Report 2025 reveals that as cloud infrastructure increases in complexity, security teams are having difficulty keeping pace. Most organizations currently operate in hybrid (64%) or multi-cloud (55%) environments, highlighting how the technical complexity of these environments could present challenges for organizations with underdeveloped cloud security management.
-
2 days ago | 
securitymagazine.com | Jordyn Alger
Harrods, Marks & Spencer, Adidas and more — why are retailers facing this wave of cyberattacks in recent months? A few days after Victoria’s Secret shut down its website due to a cyberattack, Cartier and The North Face revealed the loss of customer data in their own attacks.
-
2 days ago | 
securitymagazine.com | Jordyn Alger
Google has announced it has removed default trust of two certificate authorities (CAs), citing a pattern of compliance problems as well as repeated failures to improve upon these issues. Google Chrome version 139 will introduce this change, scheduled for release on August 1, 2025. The CAs in question are Chunghwa Telecom and Netlock.
-
5 days ago | 
securitymagazine.com | Jordyn Alger
Victoria’s Secret took down its United States website after a security incident. BBC News was informed by the police that Scattered Spider, a hacking crime group, is among the suspects. While the website appears to be restored, it previously was replaced with a customer notice stating the organization was “working around the clock to fully restore operations.” Darren Guccione, CEO and Co-Founder at Keeper Security:Cyberattacks are global threats, rarely limited to one nation or region.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
Serviceaide, an enterprise management solutions provider, has experienced a data leak. This leak has affected the personal and medical information of nearly 500,000 Catholic Health patients.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
Reports are emerging that the LockBit ransomware group has experienced a data breach. This breach has exposed information on the group’s inner workings, including: Ransomware build recordsConversation transcripts between affiliates and victimsConfiguration dataThis leak reveals unprecedented intelligence into the operations of one of the most prolific ransomware groups. Although the leaked files were created in 2024, they were leaked in May 2025. Ontinue discussed findings from the leak in a blog.
-
1 week ago | 
securitymagazine.com | Jordyn Alger
Adidas has announced it experienced a data breach. This breach was caused by an unauthorized user gaining access via a third-party customer service provider. According to the notice, the affected information includes contact information, specifically for customers that have previously contacted the customer service help desk. Passwords, credit card data and other payment information should be safe. Below, security leaders discuss the implications of this breach.
-
2 weeks ago | 
securitymagazine.com | Jordyn Alger
Alabama Office of Information Technology is responding to a cybersecurity incident, as announced by the office on Monday, May 12. Andrew Costis, Engineering Manager of the Adversary Research Team at AttackIQ, shares more details, stating, “The state of Alabama is investigating a cybersecurity event that could disrupt important state government services. The actor and scope of the attack are still unknown.
-
2 weeks ago | 
securitymagazine.com | Jordyn Alger
The integration of artificial intelligence (AI) technology into applications and services is growing, and with it comes a greater reliance on APIs for AI operations. What does this mean for an organization’s security posture? Here, Security magazine talks with Rupesh Chokshi, Senior Vice President and General Manager of Akamai’s Application Security portfolio, about the intersection of API security and AI proliferation. Security magazine: Tell us about your background and career.
