security-operations

The CISO role has always been brutal. Here is what makes some survive it.

• leadership
• security-operations
• soc

The CISO role has always been brutal. Here is what makes some survive it.

Peter Liebert April 21, 2026

CISOs should guide risk decisions with options, aligning security with business priorities.

Read More Read more about The CISO role has always been brutal. Here is what makes some survive it.

Express website vulnerability exposed customer order details

• data-security
• security-operations
• vulnerability-management

Express website vulnerability exposed customer order details

SC Staff April 20, 2026

The vulnerability allowed unauthorized access to order confirmation pages, revealing customer names, phone numbers, email addresses, postal...

Read More Read more about Express website vulnerability exposed customer order details

Fiverr faces scrutiny over exposed user files

• data-security
• security-operations

Fiverr faces scrutiny over exposed user files

SC Staff April 20, 2026

The data exposure occurred because Fiverr utilized Cloudinary for image and PDF storage, employing public URLs instead...

Read More Read more about Fiverr faces scrutiny over exposed user files

Man sentenced for hacking U.S. Supreme Court and government systems

• identity
• security-operations

Man sentenced for hacking U.S. Supreme Court and government systems

SC Staff April 20, 2026

Nicholas Moore has been sentenced to one year of probation for hacking into the U.S. Supreme Court’s...

Read More Read more about Man sentenced for hacking U.S. Supreme Court and government systems

4 new Android malware families target 800+ apps

• application-security
• malware
• security-operations

4 new Android malware families target 800+ apps

SC Staff April 17, 2026

These malware families, named RecruitRat, SaferRat, Astrinox, and Massiv, employ various tactics like phishing and smishing to...

Read More Read more about 4 new Android malware families target 800+ apps

Nexcorium malware targets IoT devices, leverages Mirai variant for DDoS attacks

• iot
• malware
• security-operations
• vulnerability-management

Nexcorium malware targets IoT devices, leverages Mirai variant for DDoS attacks

SC Staff April 17, 2026

Nexcorium primarily targets video recording boxes for security cameras, particularly TBK DVR-4104 and DVR-4216 models, due to...

Read More Read more about Nexcorium malware targets IoT devices, leverages Mirai variant for DDoS attacks

New ZionSiphon malware targets Israeli water systems

• malware
• ot-security
• security-operations

New ZionSiphon malware targets Israeli water systems

SC Staff April 17, 2026

ZionSiphon employs a combination of common cyberattack techniques, including privilege escalation, persistence mechanisms, and propagation via removable...

Read More Read more about New ZionSiphon malware targets Israeli water systems

FISA Section 702 debate: Lawmakers clash over surveillance powers ahead of expiration

• data-security
• Privacy
• security-operations

FISA Section 702 debate: Lawmakers clash over surveillance powers ahead of expiration

SC Staff April 17, 2026

Section 702 allows agencies like the NSA and CIA to monitor foreign communications, but this process can...

Read More Read more about FISA Section 702 debate: Lawmakers clash over surveillance powers ahead of expiration

Operation PowerOFF dismantles DDoS-for-hire services, nabs suspects

• security-operations
• threat-intelligence

Operation PowerOFF dismantles DDoS-for-hire services, nabs suspects

SC Staff April 17, 2026

The operation focused on disrupting "booter" services, which allow users to pay for launching distributed denial-of-service (DDoS)...

Read More Read more about Operation PowerOFF dismantles DDoS-for-hire services, nabs suspects

NIST overhauls National Vulnerability Database operations amidst record CVE growth

• patchconfiguration-management
• security-operations
• vulnerability-management

NIST overhauls National Vulnerability Database operations amidst record CVE growth

SC Staff April 16, 2026

Under the new model, NIST will only fully enrich CVEs that are listed in the Cybersecurity and...

Read More Read more about NIST overhauls National Vulnerability Database operations amidst record CVE growth