Cyber Insights 2025: Identities
Both human and machine identities occupy a unique position: they are simultaneously the foundation of cybersecurity and its weakest link.
The post Cyber Insights 2025: Identities appeared first on SecurityWeek.
Similar Posts
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Bys sMicrosoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like…
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Bys sA new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical…
Malware seller known as “Venom” extradited to France
Bys sThere is an update to an arrest made in Greece in November as part of Operation Endgame. Ekathimerini reports: A 39-year-old Albanian national known online as “Venom” was extradited to France in mid-May after his arrest last November at his apartment in the Nikaia district of Athens. The suspect, who described himself as a construction……
Thai hospital fined 1.2 million baht for data breach via snack bags
Bys sBright Choomanee reports: A significant private hospital in Thailand has been penalised with a fine of 1.2 million baht after patient paper records were discovered being repurposed as snack bags, as reported by the nation’s data protection authority. This incident was one of five major cases announced on August 1 by the Personal Data Protection Committee (PDPC), which also included penalties for data law…
Romania’s oil pipeline operator confirms cyberattack as hackers claim data theft
Bys sDaryna Antoniuk reports: Romania’s national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier this week, adding that oil transport operations were not affected. Conpet, which operates about 3,800 kilometers (2,360 miles) of pipelines supplying domestic and imported crude oil and petroleum products to refineries……
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
Bys sA recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null (”) bytes in the server’s web interface, which allows for remote code execution. It has been addressed…