Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country. Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection and Response (EDR) and vulnerability scanning. But it’s also providing “boutique” solutions in order

What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect…

Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution…

Suzanne Smalley reports: The Office of the National Cyber Director (ONCD) is poised to become a stronger force in the second Trump administration and will finally operate as the executive branch cybersecurity policy lead that Congress envisioned when establishing it in 2021, experts say. President Donald Trump’s selection of Sean Cairncross to lead the office signals that…

Tenable CEO and cybersecurity industry veteran Amit Yoran has passed away at the age of 54 after a battle with cancer. The post Tenable CEO Amit Yoran Dead at 54 appeared first on SecurityWeek.

Sophos marks International Women’s Day with global events organized by the Women in Technology Network, focusing on leadership development, support, and fostering gender inclusivity in the workplace.