As federal agencies accelerate their zero trust strategies, identity, credential, and access management (ICAM) has become mission-critical. The Defense Department is taking a federated approach, enabling single identities to securely span multiple systems. But with every badge, credential, and privilege comes both opportunity and risk — and the stakes couldn’t be higher.
Over 15 Malicious npm Packages Exploiting Windows to Deploy Vidar Malware
Datadog Security Research has uncovered a sophisticated supply chain attack targeting the npm ecosystem, involving 17 malicious packages across 23 releases designed to deliver the Vidar infostealer malware to Windows systems.
The campaign, attributed to a threat actor cluster tracked as MUT-4831, represents a significant escalation in npm-based threats and marks the first known public disclosure of Vidar malware being distributed through npm packages.
PDC Unveils Osiris Computer Module Featuring Microchip’s PIC64-HPSC for Next-Gen Space Missions
Power Device Corporation (PDC) a trusted leader in space electronics for over 25 years, proudly announces the launch of its latest innovation: the Osiris Computer Module. This high-performance Single Board Computer (SBC) integrates Microchip Technology’s cutting-edge PIC64-HPSC microprocessor (MPU), delivering up to 26,000 DMIPS and 1 TFLOPS of processing power in a compact, SWaP-optimized 3U SpaceVPX form factor.
Accelerate together — Secure by AI
Top cybersecurity experts share insights on how to outpace adversaries by using AI to your advantage.
Featuring perspectives from AWS, CrowdStrike, Palo Alto Networks, and Splunk, this e-book explores how agencies can harness AI’s potential while staying one step ahead of its risks.
Secure Boot bypass risk threatens nearly 200,000 Linux Framework laptops
Around 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot protections.
An attacker could take advantage to load bootkits (e.g. BlackLotus, HybridPetya, and Bootkitty) that can evade OS-level security controls and persist across OS re-installs.
Microsoft Outlook Bug on Windows Devices Results in Repeated Email Crashes
Microsoft is currently investigating a significant bug affecting classic Outlook for Windows that prevents users from accessing their email accounts.
The issue manifests as a persistent error message stating “Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. The attempt to log on to Microsoft Exchange has failed.” According to Microsoft’s official documentation updated on September 26, 2025, this particular error can occur for various reasons, but recent support cases have primarily involved user mailboxes experiencing authentication failures.
How to achieve secure, mobile-first collaboration in the zero trust era
What does secure collaboration really look like in action?
There’s always tension between using the newest technology and ensuring it’s secure. In our latest e-book, we explore how federal leaders are navigating this challenge across branches and agencies.
Maryland Transportation Systems Disrupted Following Cyberattack
Maryland’s transit network experienced widespread disruption this week after a sophisticated cyberattack targeted critical information systems, forcing the Maryland Transit Administration (MTA) and the Department of Information Technology (DoIT) to scramble containment efforts.
While most core services remain operational, significant impacts to scheduling and real-time information have left thousands of commuters seeking alternative arrangements. DoIT security monitors detected unauthorized access to portions of MTA’s back-end systems.
Columbia University data breach impacts nearly 870,000 individuals
An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia University current and former students and employees after breaching the university’s network in May.
The breach was discovered and reported to law enforcement authorities following an outage that affected some of its systems on June 24, following an investigation with support from external cybersecurity experts.
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems (ICS) advisories on August 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.