Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! How much?! Wow…

The application security landscape is shifting as organizations move away from a fragmented ecosystem of point solutions towards a unified platform such as the Mend AppSec Platform. Leveraging these platform-specific strengths brings numerous advantages: streamlined workflows, a cross-product workflow engine, a consolidated data model that enhances security posture, and developers that can focus fully on innovation.

Read also: Two crypto thieves arrested in the US, the creator of the Skynet Dark Web market sentenced, and more.

What you need to know about cyber resiliency and protecting your organization from threats and other business disruptions by ensuring continuity.

TOKEN2049 Singapore was a melting pot of global leaders and cutting-edge trends in the crypto space with over 20,000 visitors, 400 exhibitors, and 600 side events. Amid all of the expert discussions and industry thought leadership, I sat down to examine what I thought were the most important takeaways from the world’s biggest crypto event.

UpGuard is excited to announce the latest addition to our Vendor Risk Questionnaire Library: the DORA (Digital Operational Resilience Act) questionnaire! The addition of DORA to the Questionnaire Library reflects UpGuard’s ongoing commitment to providing our customers with the necessary tools to navigate today’s evolving regulatory standards.

…In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always prioritize security in your decisions. After all, in this interconnected digital world, we’re all in this together.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS) recently issued a joint advisory on the RansomHub ransomware. RansomHub is a ransomware-as-a-service variant, previously known as Cyclops and Knight. Since February 2024, it has encrypted and exfiltrated data from over 210 victims spanning multiple industries.

The ability to manage and monitor your attack surface is no longer a luxury—it’s a necessity. The rapid expansion of networks, coupled with the shift to cloud computing and remote work, has created a vast and ever-changing attack surface that requires constant vigilance. This article delves into the most effective attack surface management tools and techniques, offering insights into how they can bolster your cyber security posture and safeguard your organisation against evolving threats.

How worried should small businesses be about cyber attacks? Pretty worried, according to Alan Watkins, a professor for the Cybersecurity Master’s Degree Program at National University, and an expert with a long career in cybersecurity, emergency management, and law enforcement.