NIST introduces new metric to better asses if flaws are being exploited

LEV builds on the Exploit Prediction Scoring System (EPSS).

Coinbase confirms insider breach impacting nearly 70K users amid $20M extortion attempt

The breach occurred on December 26, 2024, but went undetected until May 11, 2025.

Ongoing Silent Ransom Group phishing extortion attacks target law firms

The group has been using sophisticated callback phishing and social engineering tactics to infiltrate corporate networks.

Sophisticated malware campaign targeting Chinese-speaking users with Winos 4.0

The campaign uses a stealthy, memory-resident loader dubbed Catena, which stages payloads entirely in memory.

Cyber Security Week in Review: May 23, 2025

In brief: Several major malware operations disrupted,  hackers exploit Ivanti and Cityworks zero-days, and more.