Secure World News

This paper is a companion to our initial paper, From Principles to Relationships: Redesigning Ethics for AI’s Alien Cognition, about how to apply an Ethics model to Agentic AI

As connected healthcare devices become more pervasive and critical to patient outcomes, the cyber risks tied to their design, production, and deployment grow exponentially. In its latest white paper, the U.S. Food and Drug Administration (FDA) takes a proactive stance with a detailed “Cybersecurity Risk Management Playbook” aimed at medical device manufacturers and their supply chain partners.

The U.S. Department of Homeland Security (DHS) issued a new National Terrorism Advisory System (NTAS) bulletin on June 22nd, warning of an “elevated threat environment” in the United States amid global unrest and rising tensions with foreign adversaries like Iran. While the alert highlights threats both physical and digital, cybersecurity professionals are zeroing in on the increased likelihood of Iranian-backed cyber activity targeting U.S. organizations and infrastructure.

You’re at a café, waiting for your coffee. Instead of a physical menu, there’s a QR code on the table. You scan it without hesitation because it feels like second nature now. At the gym, the flyer advertising a free class also has a QR code. At a music festival, a food truck uses one to take orders. In the moment, scanning seems efficient, even enjoyable. But that innocent gesture might be the start of something much darker.

As kinetic conflict continues to unfold between Israel and Iran, a parallel battle is raging in cyberspace—one that is disrupting financial systems, wiping out crypto holdings, hijacking broadcast channels, and even triggering a near-total internet shutdown. The escalation marks one of the most comprehensive campaigns of cyber warfare in recent memory.

The 2025 Cybersecurity Information Sheet (CSI) on AI and Data Security offers critical guidance for organizations navigating the intersection of artificial intelligence and cybersecurity.

Artificial intelligence (AI) and machine learning (ML) are rapidly becoming integral to critical systems—from autonomous vehicles and smart cities to medical diagnosis and finance. But alongside the benefits comes a new risk: adversarial AI. This refers to techniques that deliberately mislead or manipulate AI models, causing them to malfunction.

When renewable energy becomes a security risk Some people are concerned about whether solar panels will operate after periods of cloudy weather, others are more concerned about whether they can be remotely accessed. This is where the IT/OT worlds collide, creating potential security issues for energy providers.

Scattered Spider, the notorious threat group known for targeting major retailers and employing advanced social engineering techniques, has reportedly shifted its focus to the U.S. insurance industry, according to a new warning from Google’s Threat Intelligence Group (GTIG).

It’s hard to find a SaaS application these days that doesn’t include some form of AI. A recent McKinsey report found that 55% of organizations had adopted AI in at least one function, and that number is rising steadily. Whether it’s summarizing emails, recommending code, or interpreting natural language queries, AI has become the quiet engine under many digital hoods. But with great functionality comes great responsibility, especially when that AI is powered by a third party.

A new report from Symantec and the Carbon Black Threat Hunter team reveals a concerning evolution in the Fog ransomware operation, which now leverages a rare mix of legitimate software, open-source tools, and stealthy delivery mechanisms to compromise organizations.

The brittleness of static ethics As AI systems become more sophisticated, we’re facing something unprecedented: AI is advancing into domains of human superiority, and we’re uncertain how to ensure AI’s continued goodwill toward humanity.

United Natural Foods Inc. (UNFI), the largest publicly traded wholesale food distributor in the United States, is the latest victim in a string of cyberattacks targeting the supply chain. The company disclosed a cybersecurity incident earlier this week that temporarily disrupted parts of its operations and sent its stock tumbling more than 9%.

Throughout the past year, artificial intelligence has gone from being a promising tool to a foundational force reshaping how we design, build, and secure technology. The velocity of this transformation is staggering—and so are the implications to productivity, as well as security.

Chinese government-backed hackers attempted, and failed, to breach cybersecurity firm SentinelOne in what experts call a textbook example of long-term espionage tradecraft aimed at high-value targets. The intrusion attempts were detailed in a new report from SentinelOne’s research arm, SentinelLABS, which also uncovered broader campaigns affecting dozens of organizations across the globe.

Most aviation processes are heavily digitized, and in the wake of new cyber threats, airlines and the broader sector must prioritize cybersecurity more than ever before.

The Honeywell 2025 Cyber Threat Report delivers a sobering snapshot of today’s industrial cybersecurity landscape: cyberattacks targeting operational technology (OT) environments are no longer rare or speculative—they’re persistent, highly targeted, and increasingly sophisticated. This year’s report is a must-read for practitioners defending OT-heavy sectors like manufacturing, energy, logistics, and critical infrastructure.

In its 2025 State of SIEM report, CardinalOps delivers a stark message to cybersecurity professionals: despite massive investments in Security Information and Event Management (SIEM) platforms, most organizations are blind to a majority of known MITRE ATT&CK techniques. And the situation isn’t improving fast enough.

A new wave of malicious packages found across npm, PyPI, and RubyGems has again exposed how vulnerable the open-source software supply chain remains to exploitation.

In a matter of days, three major cybersecurity incidents have hit the retail and financial services sectors, drawing renewed attention to supply chain vulnerabilities, credential-based attacks, and the increasing value of non-financial customer data. These breaches—affecting Cartier, Main Street Bank, and The North Face—underscore the rising threat landscape facing luxury and everyday consumer brands.