Vodafone refused to pay Lapsus$ extortionists, prompting the group to publish source code and infrastructure documentation—confirming security leadership’s stance against ransom payments.
Microsoft authentication services have experienced a global outage, preventing MFA configuration and access to the central portal for sign-in activity management.
European regulation through the EU AI Act and NIS2 Directive shapes digital sovereignty requirements and demands new governance and security structures from CDOs.
Cyber resilience must be planned across ecosystems rather than within individual organizations, as dependencies create attack vectors and propagation pathways for security incidents.
Microsoft’s Entra Passkeys enable phishing-resistant authentication on private and unmanaged endpoints, reducing the attack surface for password-based compromises.
A security researcher publicly releases six zero-day exploits for Microsoft products without giving the company a chance to patch – CISOs must prepare for immediately exploitable vulnerabilities.
Russian cyber group GREYVIBE has been conducting targeted attacks against Ukraine since August 2025 and requires heightened vigilance in NIS2 reporting chains.