Login Subscribe

7secure Coverage

Articles

Search and filter the broader reporting stream across incidents, AI security, policy, and operational coverage.

Identity & Access Management (IAM)

Password Managers Exposed: New Vulnerabilities Threaten Credential Vaults

Password Managers Exposed: New Vulnerabilities Threaten Credential Vaults

The Register’s recent probe uncovered critical bugs in several popular password‑manager apps, including insecure local storage, weak encryption key handling, and flawed auto‑fill mechanisms. Exploiting these flaws could let an attacker extract stored passwords, OTP seeds, and other sensitive data directly from a victim’s device, effectively

Vulnerabilities & Exploits

VMware vDefend Brings Zero‑Trust Lateral Defense to Private Clouds

VMware vDefend Brings Zero‑Trust Lateral Defense to Private Clouds

VMware introduced vDefend, a service that extends zero‑trust principles into private‑cloud environments. It continuously monitors east‑west traffic, automatically detects suspicious lateral movement, and isolates compromised workloads in real time. The solution builds on NSX micro‑segmentation, applying granular, policy‑driven controls without the need for manually crafted

SOC & Automation

Falcon Fusion SOAR Supercharges SOC Automation and Incident Consistency

Falcon Fusion SOAR Supercharges SOC Automation and Incident Consistency

CrowdStrike introduced Falcon Fusion SOAR, a cloud‑native platform that lets security operations teams stitch together existing security tools and automate repetitive response steps. The solution ships with a curated library of pre‑built playbooks mapped to MITRE ATT&CK techniques, enabling analysts to launch coordinated actions—such as

Identity & Access Management (IAM)

CrowdStrike Wins Gartner Customer’s Choice, Patches Six Zero‑Day Auth Flaws

CrowdStrike Wins Gartner Customer’s Choice, Patches Six Zero‑Day Auth Flaws

CrowdStrike has been named a Gartner Peer Insights “Customer’s Choice” for its user authentication suite, a distinction that reflects strong user satisfaction and perceived effectiveness in protecting identities. In the same release cycle the company disclosed that it has fully remediated six zero‑day vulnerabilities discovered in its authentication

Malware & Ransomware

Outlook Add‑In Hijack, Wormable IoT Botnet, and AI‑Crafted Malware Threaten Defenders

Outlook Add‑In Hijack, Wormable IoT Botnet, and AI‑Crafted Malware Threaten Defenders

A wave of malicious Outlook add‑ins surfaced this week, targeting enterprise mailboxes to intercept, modify, and forward messages. The add‑ins were distributed via compromised software updates and phishing campaigns, allowing threat actors to harvest credentials, exfiltrate sensitive data, and embed further payloads directly into legitimate communications. Because the

Threat Intelligence

Lithuania Deploys AI‑Powered Shield Against Deep‑Fake Fraud

Lithuania Deploys AI‑Powered Shield Against Deep‑Fake Fraud

Lithuania has unveiled a nationwide anti‑fraud program that pairs new regulations with AI‑driven detection tools to counter the rise of synthetic‑media attacks. The initiative targets deep‑fake audio, video, and image scams aimed at citizens and public‑sector services, integrating real‑time verification into e‑government portals,

Malware & Ransomware

Romanian Pipeline Operator Conpet Hit by Full-Service Outage After IT Breach

Romanian Pipeline Operator Conpet Hit by Full-Service Outage After IT Breach

Check Point’s 9 February Threat Intelligence Report details a cyberattack that breached Conpet’s corporate IT infrastructure, Romania’s national oil pipeline operator. Attackers gained foothold in business‑network systems, disabling critical services and causing a complete shutdown of the pipeline’s data‑flow and scheduling platforms. The outage

Malware & Ransomware

QR Code Phishing Expands Mobile and Web Attack Surface

QR Code Phishing Expands Mobile and Web Attack Surface

Threat actors are increasingly embedding malicious URLs in QR codes, allowing them to sidestep traditional network and email filters. When users scan these codes with a smartphone, the device is redirected to a phishing site that harvests credentials or to a payload server that drops malware. Attackers often leverage deep‑