SecurityScorecard stories

Boomi tops 30,000 customers and runs 75,000 AI agents in production, as enterprises shift from AI experiments to large-scale automation.

Firms are urged to boost cyber defences amid rising AI risks and third-party breaches, as traditional security methods fall short in today's threat landscape.

SecurityScorecard has acquired AI-driven HyperComply to enhance supply chain security with faster, automated vendor risk assessments and compliance management.

Jaguar Land Rover has halted global vehicle production and dealer operations after a cyberattack disrupted its digital systems, affecting the Solihull plant and UK dealers.

A SecurityScorecard survey reveals 88% of cybersecurity leaders worry about supply chain risks, yet most firms lack effective active defence measures.

A cyberattack on United Natural Foods, a key supplier for Whole Foods, risks widespread disruption to North America's food supply chains and grocery availability.

LexisNexis has suffered a data breach exposing personal details of over 364,000 people via a third-party software platform, raising security concerns.

Adidas has suffered a data breach via a third-party provider, exposing customer information and highlighting rising cyber risks in retail supply chains.

The US has charged Russian Rustam Gallyamov for running the Qakbot malware network, seizing USD $24m in cryptocurrency from cybercrime activities.

Nearly 42% of data breaches in top fintech firms stem from third-party vendors, highlighting critical supply chain vulnerabilities despite strong internal security.

The 2025 Global Third-Party Breach Report reveals a significant dip in technology sector breaches to 46.75%, highlighting a shift in cyber-attack patterns.

A newly uncovered botnet of over 130,000 compromised devices is exploiting Microsoft 365 accounts through password spraying attacks, raising security alarms.

A newly discovered botnet, consisting of over 130,000 compromised devices, is targeting Microsoft 365 accounts with password spraying attacks, linked to China-based actors.

DeepSeek faces intense scrutiny over significant security flaws and data management practices, prompting bans across multiple countries amidst privacy concerns.

A report reveals that 59% of cyber breaches in the top 150 insurance firms stem from third-party attacks, exposing serious supply chain vulnerabilities.

The return of Volt Typhoon, a state-sponsored cyber-espionage group, threatens global infrastructures, exploiting outdated devices for covert operations.

Experts are raising alarms about severe cybersecurity vulnerabilities following explosions in Hezbollah-owned pagers in Lebanon.

The Microsoft Azure outage, triggered by a faulty CrowdStrike update, disrupted banking, aviation, and healthcare globally, highlighting cybersecurity flaws.

Recent data breaches at the BBC Pension Scheme and Los Angeles Unified School District (LAUSD) have exposed critical vulnerabilities, prompting cybersecurity experts to issue warnings about the potential misuse of stolen information.

The ISACA and SecurityScorecard paper provides 11 key questions to ask to implement continuous assurance related to threat understanding.