Zoom CISO: AI as Security Enabler, Not Role-Replacer
As Zoom's CISO, Sandra McLeod, discusses the challenges of securing a global communication platform, the promise of AI-driven security workflows, and advice for aspiring cybersecurity leaders.
As Zoom's CISO, Sandra McLeod, discusses the challenges of securing a global communication platform, the promise of AI-driven security workflows, and advice for aspiring cybersecurity leaders.
Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.
A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror story.
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation. Tracked as CVE-2025-48595 (CVSS score: 8.4),…
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path travers…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182 (CVSS…
Fake ChatGPT desktop app ads pushed password-stealing malware by abusing trusted AI links, hiding from scanners, and tricking users into downloads.
By Dr. Scott Schell - Healthcare organizations did not adopt AI for novelty. They adopted it because margins are tightening, labor is constrained, and the operational burden of modern healthcare is becoming increasingly difficult to sustain. In several areas, AI has already deliv…
Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. [...]
The parents of a 15-year-old child have filed a lawsuit against a Minnesota hospital for failing to provide them with […] The post Parents Sue Minnesota Hospital to Enforce HIPAA Right of Access for Minor Child’s Medical Records appeared first on The HIPAA Journal.
Multiple Instagram users had their accounts hijacked after attackers convinced Meta's AI-powered support tools that they were the legitimate owners. [...]
Grail executives were upbeat on study results for the Galleri multi-cancer early detection test, while ASCO said more evidence is needed before it is incorporated into screening guidelines.
Talent Tuesday Workforce Issues brought to you by St. Bonaventure University. The demand for behavioral health services in the US has grown faster than the workforce meant to deliver them. Online graduate education has become one of the more practical ways to close that gap. Cons…
Hackers abused Meta’s AI support bot to hijack major Instagram accounts, bypassing security checks as videos showed the flaw before Meta fixed the issue.
AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance. [...]
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. [...]