Security

Third-party attacks emerged as a significant driver of material financial losses from cyber incidents in 2024, according to cyber risk management firm Resilience. Third-party risks made up 31% of all client insurance claims and 23% of material losses last year. This marks a significant change from 2023, when no third-party claims led to material losses

A new ransomware attack by DragonForce has targeted organizations in Saudi Arabia. The attack, which affected a prominent Riyadh-based real estate and construction firm, resulted in the exfiltration of over 6TB of sensitive data. According to a new advisory by Resecurity, threat actors first announced the breach on February 14, 2025, demanding ransom before publishing

A growing reliance on APIs has fueled security concerns, with nearly all organizations (99%) reporting API-related security issues in the past year. According to the Q1 2025 State of API Security Report by Salt Security, the rapid expansion of API ecosystems—driven by cloud migration, platform integration and data monetization—is outpacing security measures and exposing organizations

In 2024, cyber-criminals have launched attacks within 48 hours of discovering a vulnerability, with 61% of hackers using new exploit code in this short timeframe. Companies faced an average of 68 days of critical cyber-attacks, while ransomware remained the most significant threat. The healthcare industry was particularly affected, with ransomware responsible for 95% of all

A critical security vulnerability in Essential Addons for Elementor has been identified, potentially impacting over two million WordPress websites. The flaw, a reflected cross-site scripting (XSS) vulnerability, was discovered due to insufficient validation of the popup-selector query argument, allowing malicious scripts to be executed. The issue, tracked with CVE-2025-24752, was first uncovered by Patchstack Alliance researcher