thecyberexpress

127 Groups Oppose Changes to GDPR, EU Data Protection Laws

A coalition of 127 civil society organizations and trade unions have banded together to oppose proposed changes that they warn could severely weaken EU data protection and privacy laws like GDPR. In ...
thecyberexpress

New AI Vulnerability Scoring System Announced to Address Gaps in CVSS

A new vulnerability scoring system has just been announced. The initiative, called the AI Vulnerability Scoring System (AIVSS), aims to fill the gaps left by traditional models such as the Common ...
thecyberexpress

Illuminate Education Fined $5.1 Million for Failing to Protect Student Data

The Attorneys General of California, Connecticut, and New York have announced a $5.1 million settlement with Illuminate Education, Inc., an educational technology company, for failing to adequately ...
thecyberexpress

AI Malware Detected in the Wild as Threats Evolve

AI malware may be in the early stages of development, but it’s already being detected in cyberattacks, according to new research published this week. Google researchers looked at five AI-enabled ...
thecyberexpress

Microsoft Security Lapse Exposed Sensitive Credentials and Internal Resources of Employees

The compromised internal Azure server seemed to be associated with the functioning of the Bing search engine and had been used to store scripts, configuration & code containing sensitive data such as ...
thecyberexpress

Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11

Apache warns of CVE-2025-55752 and CVE-2025-55754 in Tomcat 9–11, risking remote code execution and console attacks. Urgent updates are strongly advised.
thecyberexpress

False Reports of Gmail Data Breach Alarm Internet

Breathless news stories about a Gmail data breach began to appear online after media outlets misinterpreted a report about Gmail passwords stolen by infostealers. Urgent headlines like “Urgent alert ...
thecyberexpress

Former Security Company Official Pleads Guilty to Stealing Trade Secrets to Sell to Russian Buyer

A former cybersecurity company official charged with stealing trade secrets to sell them to a Russian buyer pleaded guilty to two counts of theft of trade secrets in U.S. District Court today, the U.S ...
thecyberexpress

Caller ID Spoofing Is a Big Problem. Europol Wants Solutions.

Caller ID spoofing causes nearly $1 billion (EUR 850 million) in financial losses from fraud and scams each year, according to a new Europol position paper that calls for technical and regulatory ...
thecyberexpress

Qilin Ransomware Group’s TTPs Examined by Researchers

The Qilin ransomware group has been by far the most active ransomware group over the last seven months, so two new research reports detailing some of the group’s tactics, techniques and procedures ...
thecyberexpress

Ransomware Attacks Have Soared in 2025 as New Leaders Emerge

Ransomware attacks have soared 50% in 2025 despite major changes among the leading ransomware groups, according to a new Cyble report. Through October 21, there have been 5,010 ransomware attacks ...
thecyberexpress

SessionReaper Exploits Erupt as Magento Sites Lag on Patching

Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics team said it blocked ...