DARKReading

After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.

If security tools are challenging to use, people will look for workarounds to get around the restrictions.

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.

Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.

Changes aim to tighten integration with the National Institute of Standards and Technology's Cybersecurity Framework and help organizations develop a stronger posture to handle privacy risks.

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads.

Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.