@guardian360.bsky.social
Het Nationaal Coördinator Terrorismebestrijding en Veiligheid heeft het Cybersecuritybeeld Nederland 2025 gepubliceerd. Het rapport schetst een divers en onvoorspelbaar dreigingslandschap, waarin cyberaanvallen geavanceerder worden en digitale afhankelijkheden toenemen.
November 27, 2025 at 3:15 PM
Het Nationaal Coördinator Terrorismebestrijding en Veiligheid heeft het Cybersecuritybeeld Nederland 2025 gepubliceerd. Het rapport schetst een divers en onvoorspelbaar dreigingslandschap, waarin cyberaanvallen geavanceerder worden en digitale afhankelijkheden toenemen.
A critical flaw in Oracle's Identity Manager has been exploited in the wild, marking the latest threat for customers of the enterprise software giant.
CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware.
CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware.
November 25, 2025 at 5:30 PM
A critical flaw in Oracle's Identity Manager has been exploited in the wild, marking the latest threat for customers of the enterprise software giant.
CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware.
CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware.
The Shai-hulud self-replicating worm, which targets open source repositories, has reemerged with a new, more dangerous variant.
Shai-hulud first emerged in September as self-replicating malware that spread across NPM packages.
Shai-hulud first emerged in September as self-replicating malware that spread across NPM packages.
November 25, 2025 at 4:00 PM
The Shai-hulud self-replicating worm, which targets open source repositories, has reemerged with a new, more dangerous variant.
Shai-hulud first emerged in September as self-replicating malware that spread across NPM packages.
Shai-hulud first emerged in September as self-replicating malware that spread across NPM packages.
For more than half a decade now, a Chinese state-aligned threat actor has been spying on Chinese organizations by infecting their trusted software updates.
November 25, 2025 at 1:00 PM
For more than half a decade now, a Chinese state-aligned threat actor has been spying on Chinese organizations by infecting their trusted software updates.
In a near replica of a separate campaign this summer, hackers connected to the ShinyHunters extortion operation have once again breached many organizations' Salesforce instances via a third-party integration.
November 25, 2025 at 8:30 AM
In a near replica of a separate campaign this summer, hackers connected to the ShinyHunters extortion operation have once again breached many organizations' Salesforce instances via a third-party integration.
Artificial intelligence (AI) is doing exactly what security teams hoped it would do: eliminate the repetitive, low-value work that has long burned out junior analysts. But in solving this problem, it may be creating another one that could have a long-lasting impact.
Log review.
Log review.
November 24, 2025 at 11:04 AM
Artificial intelligence (AI) is doing exactly what security teams hoped it would do: eliminate the repetitive, low-value work that has long burned out junior analysts. But in solving this problem, it may be creating another one that could have a long-lasting impact.
Log review.
Log review.
Containerization technology makes software development and cloud deployment easier, but the images that are the foundation of the ecosystem commonly have unnecessary components and hundreds of vulnerabilities.
November 24, 2025 at 9:35 AM
Containerization technology makes software development and cloud deployment easier, but the images that are the foundation of the ecosystem commonly have unnecessary components and hundreds of vulnerabilities.
Under the radar, Google has added features that allow Gmail to access all private messages and attachments for training its AI models.
If you use Gmail, you need to be aware of an important change that’s quietly rolling out.
If you use Gmail, you need to be aware of an important change that’s quietly rolling out.
November 22, 2025 at 8:40 AM
Under the radar, Google has added features that allow Gmail to access all private messages and attachments for training its AI models.
If you use Gmail, you need to be aware of an important change that’s quietly rolling out.
If you use Gmail, you need to be aware of an important change that’s quietly rolling out.
De roep om minder afhankelijk te worden van Amerikaanse cloudproviders en om meer grip te krijgen op onze data en systemen klinkt steeds luider, zowel in Nederland als in de rest van Europa.
November 21, 2025 at 10:00 AM
De roep om minder afhankelijk te worden van Amerikaanse cloudproviders en om meer grip te krijgen op onze data en systemen klinkt steeds luider, zowel in Nederland als in de rest van Europa.
De nieuwe Cyberbeveiligingswet (Cbw) klinkt misschien als iets voor volgend jaar, maar wie nu nog niets doet, is straks te laat.
November 20, 2025 at 5:45 PM
De nieuwe Cyberbeveiligingswet (Cbw) klinkt misschien als iets voor volgend jaar, maar wie nu nog niets doet, is straks te laat.
Researchers have demonstrated how to breach Internet of Things (IoT) devices through firewalls, without the need for any kind of software vulnerability.
Typically, hackers breach IoT devices by obtaining their IP addresses and exploiting firmware vulnerabilities.
Typically, hackers breach IoT devices by obtaining their IP addresses and exploiting firmware vulnerabilities.
November 20, 2025 at 12:00 PM
Researchers have demonstrated how to breach Internet of Things (IoT) devices through firewalls, without the need for any kind of software vulnerability.
Typically, hackers breach IoT devices by obtaining their IP addresses and exploiting firmware vulnerabilities.
Typically, hackers breach IoT devices by obtaining their IP addresses and exploiting firmware vulnerabilities.
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks.
November 19, 2025 at 4:00 PM
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks.
In de week van 10 november 2025 gaat de internetconsultatie van de ministeriële regelingen onder de Cyberbeveiligingswet en Wet weerbaarheid kritieke entiteiten van start. De consultatie biedt iedereen de mogelijkheid om te reageren op de conceptteksten.
November 19, 2025 at 8:00 AM
In de week van 10 november 2025 gaat de internetconsultatie van de ministeriële regelingen onder de Cyberbeveiligingswet en Wet weerbaarheid kritieke entiteiten van start. De consultatie biedt iedereen de mogelijkheid om te reageren op de conceptteksten.
An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.
November 18, 2025 at 7:00 PM
An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.
A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild.
Fortinet on Nov. 14 disclosed CVE-2025-64446, a vulnerability in its Web application firewall (WAF) product FortiWeb.
Fortinet on Nov. 14 disclosed CVE-2025-64446, a vulnerability in its Web application firewall (WAF) product FortiWeb.
November 18, 2025 at 5:30 PM
A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild.
Fortinet on Nov. 14 disclosed CVE-2025-64446, a vulnerability in its Web application firewall (WAF) product FortiWeb.
Fortinet on Nov. 14 disclosed CVE-2025-64446, a vulnerability in its Web application firewall (WAF) product FortiWeb.
De Hobby Computer Club (HCC) vraagt opnieuw aandacht voor digitale soevereiniteit. Volgens de vereniging neemt de afhankelijkheid van buitenlandse technologie verder toe, met risico’s voor databeveiliging, privacy en controle over digitale diensten.
November 18, 2025 at 4:00 PM
De Hobby Computer Club (HCC) vraagt opnieuw aandacht voor digitale soevereiniteit. Volgens de vereniging neemt de afhankelijkheid van buitenlandse technologie verder toe, met risico’s voor databeveiliging, privacy en controle over digitale diensten.
Multiple American and European government agencies warned that recent Akira ransomware activity poses an "imminent threat" to critical infrastructure.
November 18, 2025 at 8:30 AM
Multiple American and European government agencies warned that recent Akira ransomware activity poses an "imminent threat" to critical infrastructure.
New survey data indicates that organizations are pushing hard for passwordless authentication.
A significant chunk of online account passwords in 2025 remain basic and easy to crack — a fact that will surprise few.
A significant chunk of online account passwords in 2025 remain basic and easy to crack — a fact that will surprise few.
November 14, 2025 at 7:15 PM
New survey data indicates that organizations are pushing hard for passwordless authentication.
A significant chunk of online account passwords in 2025 remain basic and easy to crack — a fact that will surprise few.
A significant chunk of online account passwords in 2025 remain basic and easy to crack — a fact that will surprise few.
With 63 unique CVEs, Microsoft's November security update is considerably slimmer than the company's record-busting patch rollout last month, which contained fixes for as many as 175 vulnerabilities.
November 14, 2025 at 6:36 AM
With 63 unique CVEs, Microsoft's November security update is considerably slimmer than the company's record-busting patch rollout last month, which contained fixes for as many as 175 vulnerabilities.
Nederlandse scholen in het basis- en voortgezet onderwijs moeten vanaf 2030 voldoen aan normen voor digitale veiligheid. Bij scholen die dit niet doen kan de Inspectie straks ingrijpen.
November 13, 2025 at 12:00 PM
Nederlandse scholen in het basis- en voortgezet onderwijs moeten vanaf 2030 voldoen aan normen voor digitale veiligheid. Bij scholen die dit niet doen kan de Inspectie straks ingrijpen.
With 63 unique CVEs, Microsoft's November security update is considerably slimmer than the company's record-busting patch rollout last month, which contained fixes for as many as 175 vulnerabilities.
November 12, 2025 at 4:00 PM
With 63 unique CVEs, Microsoft's November security update is considerably slimmer than the company's record-busting patch rollout last month, which contained fixes for as many as 175 vulnerabilities.
Ransomware gangs' continued success is well-documented, from reports of substantial payouts and financial fallouts to prolonged disruptions. Each year certain groups emerge in the top rankings, and what sets them apart is becoming clearer.
November 11, 2025 at 5:30 PM
Ransomware gangs' continued success is well-documented, from reports of substantial payouts and financial fallouts to prolonged disruptions. Each year certain groups emerge in the top rankings, and what sets them apart is becoming clearer.
OWASP has updated its list of Top 10 software vulnerabilities to align it better with the current threat landscape and modern development practices.
The Nov.
The Nov.
November 11, 2025 at 4:00 PM
OWASP has updated its list of Top 10 software vulnerabilities to align it better with the current threat landscape and modern development practices.
The Nov.
The Nov.
Spionage, exportverboden en handelsoorlogen. Door de grotere geopolitieke dreigingen nemen ook voor bedrijven de risico's toe. Toch doen bedrijven te weinig om zich tegen die risico's te beschermen, blijkt uit onderzoek van Instituut Clingendael.
November 11, 2025 at 8:30 AM
Spionage, exportverboden en handelsoorlogen. Door de grotere geopolitieke dreigingen nemen ook voor bedrijven de risico's toe. Toch doen bedrijven te weinig om zich tegen die risico's te beschermen, blijkt uit onderzoek van Instituut Clingendael.
ESET heeft zijn halfjaarlijkse APT Activity Report gepubliceerd over de periode april tot en met september 2025. Het onderzoek signaleert een duidelijke intensivering van door staten gesteunde cyberaanvallen, vooral vanuit Rusland en China.
November 10, 2025 at 5:00 PM
ESET heeft zijn halfjaarlijkse APT Activity Report gepubliceerd over de periode april tot en met september 2025. Het onderzoek signaleert een duidelijke intensivering van door staten gesteunde cyberaanvallen, vooral vanuit Rusland en China.