Digital currency concept Glowing dollar sign money bag on circuit board

(Adobe Stock)

Cybersecurity spending boom projected, but security pros are skeptical

Steve ZurierDecember 26, 2025

KPMG predicts a boom focused on cybersecurity spending, talent acquisition, and strategic partnerships.

RESOURCES

Leadership
A serial entrepreneur’s journey from marketing to cybersecurity: Founder Stories
Government security
Alexandra Seymour to receive Excellence in Action award for advancing national cybersecurity policy at ICIT 2025 Gala
Endpoint/Device Security
Autonomous IT, real-time endpoint intelligence, and unified operations and security: Turning operations data into faster decisions
Government security
State Department CIO Kelly Fletcher to receive Impact Award for advancing secure global diplomacy at ICIT 2025 Gala
Exposure management
Seeing clearly: How exposure management streamlines SOC investigations

PODCASTS

Vulnerability Management
Holiday Special Part 2: You’re Gonna Click the Link – Rob Allen – SWN #541
Security Architecture
Building a Hacking Lab in 2025 – PSW #906
Leadership
The CISO Holiday Party 2025: Leadership Lessons from the Year That Was – BSW #427
Vulnerability Management
Holiday Special Part 1: You’re Gonna Click the Link – Rob Allen – SWN #540
Leadership
Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions – Sebastian Deleersnyder, James Manico, Adam Shostack, Dustin Lehr – ASW #362

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Cyber security concept. Toy horse on a digital screen, symbolizes the attack of the Trojan virus. 3D illustration.

Open-source tool Nezha used as post-exploitation remote access trojan

Steve ZurierDecember 24, 2025

Tools such as Nezha evade signature detection, blend with normal activity, and reduce development effort.

(Credit: Luciano Luppa – stock.adobe.com)

Vulnerability Management

CVSS 9.9 RCE vulnerability in n8n potentially impacts more than 100K servers

Laura FrenchDecember 24, 2025

The flaw allows an authenticated attacker to run arbitrary code with elevated permissions.

Computer keyboard, close-up button of the flag of North Korea.

Threat Intelligence

North Korean Beavertail malware sparks attacks across financial sector

Steve ZurierDecember 23, 2025

Attacks started in a malicious npm package hosted on GitHub or GitLab, according to Darktrace.

Ameday campaign used GitLab server to retrieve StealC infostealer

Laura FrenchDecember 23, 2025

Amadey used a modified base64 algorithm to obfuscate strings to target browser credentials and cryptocurrency transactions.

Digital identity verification ties users to verified credentials, enabling secure logins, compliant transactions, and protected digital experiences.

Threat groups steal identities to access Microsoft 365 accounts

Steve ZurierDecember 22, 2025

Several threat clusters were identified by Proofpoint, including the financially motivated group TA2723.

(Adobe Stock)

Exposure management

WatchGuard: Patch exploited 9.3 flaw in Firebox firmware

Steve ZurierDecember 19, 2025

Experts warn customers to watch for “ghost” vulnerabilities that remain exploitable even if mobile VPN settings get deleted.

Exposure management

React2Shell ransomware: Weaxor deployed on vulnerable server

Laura FrenchDecember 19, 2025

Attackers deployed Weaxor ransomware less than a minute after initial access.

(Credit: Sundry Photography – stock.adobe.com)

Exposure management

CVSS 10.0 HPE OneView RCE bug identified – patch now!

Steve ZurierDecember 18, 2025

Experts say OneView manages the whole data center, so teams should expect an exploit of this RCE very soon.

EVENTS