Cybersecurity News Feed
Latest cybersecurity incidents and threat intelligence from trusted sources.
188 articles found
Next-Gen Developers Are a Cybersecurity Powder Keg
Security News: AI coding tools promise productivity but deliver security problems, too. As developers embrace "vibe coding," enterprises face mounting risk...
China-Backed Hackers Target SentinelOne in 'PurpleHaze' Atta...
Malware: Known threat groups APT15 and UNC5174 unleashed attacks against SentinelOne and more than 70 other high-value targets, as part of ongoing cyber-espion...
Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing For...
Malware: Several widespread ClickFix campaigns are underway, bent on delivering malware to business targets, and they represent a new level of phishing sophist...
F5 Acquires Agentic AI Security Startup Fletch
Security News: Agentic AI technology will be integrated into the recently launched F5 Application Delivery and Security Platform.
BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI War...
Security News: Though the operation was partially disrupted earlier this year, the botnet remains active and continues to target connected Android devices.
Docuseries Explores Mental, Physical Hardships of CISOs
Security News: During "CISO: The Worst Job I Ever Wanted," several chief information security officers reveal how difficult it is to be in a role that, des...
Synthetic Data Is Here to Stay, but How Secure Is It?
Security News: Synthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identificat...
MSFT-CrowdStrike 'Rosetta Stone' for Naming APTs: Meh?
Security News: Microsoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we've been ...
Prep for Layoffs Before They Compromise Security
Security News: Mass layoffs create cybersecurity vulnerabilities through dormant accounts and disgruntled employees.
SecOps Teams Need to Tackle AI Hallucinations to Improve Acc...
Security News: The risks associated with AI embedded into threat detection and response tools can't be completely eradicated, but SecOps teams can take steps to at l...
Digital Forensics Firm Cellebrite to Acquire Corellium
Security News: Cellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.
'PathWiper' Attack Hits Critical Infrastructure In Ukraine
Malware: Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.
Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud
Security News: The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as t...
Backdoored Malware Reels in Newbie Cybercriminals
Malware: Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 20...
Questions Swirl Around ConnectWise Flaw Used in Attacks
Security News: ConnectWise issued a patch to stave off attacks on ScreenConnect customers, but the company's disclosures don't explain what the vulnerability is and ...
Finding Balance in US AI Regulation
Security News: The US can't afford to wait for political consensus to catch up to technological change.
Iranian APT 'BladedFeline' Hides in Network for 8 Years
Security News: ESET published research on the Iranian APT "BladedFeline," which researchers believe is a subgroup of the cyber-espionage entity APT34.
Cybersecurity Training in Africa Aims to Bolster Professiona...
Security News: The United Nations, Carnegie Mellon University, and private organizations are all aiming to train the next generation of cybersecurity experts, boost ...
35K Solar Devices Vulnerable to Potential Hijacking
Data Breach: A little more than three-quarters of these exposed devices are located in Europe, followed by Asia, with 17%.
Vishing Crew Targets Salesforce Data
Security News: A group that Google is tracking as UNC6040 has been tricking users at many organizations into installing a malicious version of a Salesforce app to ga...
How Neuroscience Can Help Us Battle 'Alert Fatigue'
Security News: By understanding the neurological realities of human attention, organizations can build more sustainable security operations that protect not only the...
Researchers Bypass Deepfake Detection With Replay Attacks
Security News: An international group of researchers found that simply rerecording deepfake audio with natural acoustics in the background allows it to bypass detect...
Attackers Impersonate Ruby Packages to Steal Sensitive Teleg...
Supply Chain: Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global s...
Beware of Device Code Phishing
Phishing: Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing ...
TXOne Networks Introduces Capability for Intelligent Vulnera...
Security News
'Crocodilus' Sharpens Its Teeth on Android Users
Malware: The data-stealing malware initially targeted users in Turkey but has since evolved into a global threat.
Victoria's Secret Delays Earnings Call Due to Cyber Incident
Security News: But that didn't stop the clothing retailer from issuing preliminary results for the first quarter of 2025.
Chrome Drops Trust for Chunghwa, Netlock Certificates
Security News: Digital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a ...
LummaC2 Fractures as Acreed Malware Becomes Top Dog
Malware: LummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share.
Is Your CISO Navigating Your Flight Path?
Data Breach: If your CISO isn't wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed.
Open-Weight Chinese AI Models Drive Privacy Innovation in LL...
Security News: Edge computing and stricter regulations could usher in a new era of AI privacy.
EMR-ISAC Shuts Down: What Happens Now?
Security News: This information-sharing hub provided essential information to the emergency services sector on physical and cyber threats. Some say the timing is con...
Exploitation Risk Grows for Critical Cisco Bug
Security News: New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.
Trickbot, Conti Ransomware Operator Unmasked Amid Huge Ops L...
Ransomware: An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware.
Australia Begins New Ransomware Payment Disclosure Rules
Ransomware: The country will require certain organizations to report ransomware payments and communications within 72 hours after they're made or face potential c...
Critical Bugs Could Spark Takeover of Widely Used Fire Safet...
Security News: The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fi...
Beyond the Broken Wall: Why the Security Perimeter Is Not En...
Security News: Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.
In the AI Race With China, Don't Forget About Security
Security News: The US needs to establish a clear framework to provide reasonable guardrails to protect its interests — the quicker, the better.
'Earth Lamia' Exploits Known SQL, RCE Bugs Across Asia
Data Breach: A "highly active" Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from o...
FBI Warns of Filipino Tech Company Running Sprawling Crypto ...
Phishing: The US Treasury said cryptocurrency investment schemes like the ones facilitated by Funnull Technology Inc. have cost Americans billions of dollars an...
Vibe Coding Changed the Development Process
Security News: AI tools shook up development. Now, product security must change too.
Tenable to Acquire AI Security Startup Apex
Security News: Apex will enhance Tenable's AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existi...
CISO Stature Rises, but Security Budgets Remain Tight
Security News: The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly ga...
ConnectWise Breached, ScreenConnect Customers Targeted
Data Breach: The software company, which specializes in remote IT management, said a "sophisticated nation state actor" was behind the attack but provide...
'Everest Group' Extorts Global Orgs via SAP's HR Tool
Security News: In addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stol...
From Code Red to Rust: Microsoft's Security Journey
Security News: At this year's Build developer conference, Microsoft reflected on what the company learned about securing features and writing secure code in the earl...
NSA, CISA Urge Organizations to Secure Data Used in AI Model...
Supply Chain: New guidance includes a list of 10 best practices to protect sensitive data throughout the AI life cycle, as well as tips to address supply chain and ...
Victoria's Secret Goes Offline After 'Incident' Claims
Security News: The lingerie retailer isn't revealing much about the security incident it's dealing with but has brought in third-party experts to address the issue.
New Botnet Plants Persistent Backdoors in ASUS Routers
Malware: Thousands of ASUS routers have been infected and are believed to be part of a wide-ranging ORB network affecting devices from Linksys, D-Link, QNAP, a...
SentinelOne Reports Services Are Back Online After Global Ou...
Security News: The outage reportedly hit 10 commercial customer consoles for SentinelOne's Singularity platform, including Singularity Endpoint, XDR, Cloud Security,...
Zscaler's Buyout of Red Canary Shows Telemetry's Value
Security News: Red Canary's MDR portfolio complements Zscaler's purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of...
APT41 Uses Google Calendar Events for C2
Security News: APT41, a Chinese state-sponsored threat actor also known as "Double Dragon," used Google Calendar as command-and-control infrastructure duri...
PumaBot Targets Linux Devices in Latest Botnet Campaign
Security News: While the botnet may not be completely automated, it uses certain tactics when targeting devices that indicate that it may, at the very least, be semi...
LexisNexis Informs 360K+ Customers of Third-Party Data Leak
Security News: While the leak affected customer data, LexisNexis said in a notification letter that its products and systems were not compromised.
A Defense-in-Depth Approach for the Modern Era
Security News: By integrating intelligent network policies, zero-trust principles, and AI-driven insights, enterprises can create a robust defense against the next g...
'Haozi' Gang Sells Turnkey Phishing Tools to Amateurs
Phishing: The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires ...
Certified Randomness Uses Quantum Cryptography to Make Stron...
Security News: Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption.
Hundreds of Web Apps Have Full Access to Microsoft OneDrive ...
Security News: Researchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions.
CISA Issues SOAR, SIEM Implementation Guidance
Security News: Among the recommendations, organizations should conduct thorough testing and manage costs, which can be hefty, before implementing the platforms.
Implementing Secure by Design Principles for AI
Security News: Harnessing AI's full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A...
Cellcom Restores Regional Mobile Services After Cyberattack
Security News: Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is ...
Why Take9 Won't Improve Cybersecurity
Security News: The latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and igno...
Have Your Say: Dark Reading Seeks Your Input
Security News: Dark Reading is offering its readers the opportunity to tell us how we're doing via a new survey.
Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising Ap...
Security News: Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 ...
Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz...
Security News: The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws — all of which attr...
DragonForce ransomware abuses SimpleHelp in MSP supply chain...
Ransomware: The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) p...
Adidas Falls Victim to Third-Party Data Breach
Data Breach: Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the company's customer service help ...
CISA Warns of Attacks Targeting Commvault SaaS Environment
Security News: A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.
DragonForce Ransomware Strikes MSP in Supply Chain Attack
Ransomware: DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent suppl...
Iranian pleads guilty to RobbinHood ransomware attacks, face...
Ransomware: An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and...
MathWorks, Creator of MATLAB, Confirms Ransomware Attack
Ransomware: The attack disrupted MathWorks' systems and online applications, but it remains unclear which ransomware group targeted the software company and wheth...
FBI: Silent Ransom Group Adopts Vishing Campaign Against Law...
Ransomware: The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers fo...
New Self-Spreading Malware Infects Docker Containers to Mine...
Data Breach: Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The atta...
How the New Hacker Millionaire Class Was Built
Security News: Once dismissed as Internet miscreants in hoodies, ethical hackers have hit the big time, earning millions from blue-chip firms. And they say it's thei...
Danabot Takedown Deals Blow to Russian Cybercrime
Security News: A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet's US-based infrastructure and indictments for its ...
Not Every CVE Deserves a Fire Drill: Focus on What’s Exploit...
Security News: Not every "critical" vulnerability is a critical risk. Picus Exposure Validation cuts through the noise by testing what's actually exploitable in your...
Cybercriminals Clone Antivirus Site to Spread Venom RAT and ...
Malware: Cybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe vic...
CVE Uncertainty Underlines Importance of Cyber Resilience
Security News: Organizations need to broaden their strategy to manage vulnerabilities more effectively and strengthen network cyber resilience.
MATLAB dev confirms ransomware attack behind service outage
Ransomware: MathWorks, a leading developer of mathematical computing and simulation software, has revealed that a recent ransomware attack is behind an ongoing se...
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via ...
Data Breach: Microsoft has shed light on a previously undocumented cluster of malicious activity originating from a Russia-affiliated threat actor dubbed Void Bliz...
Russian Laundry Bear cyberspies linked to Dutch Police hack
Data Breach: A previously unknown Russian-backed cyberespionage group now tracked as Laundry Bear has been linked to a September 2024 Dutch police security breach....
AI Agents and the Non‑Human Identity Crisis: How to Deploy A...
Security News: Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot’s code completions to chatbots that mine internal k...
Employees Searching Payroll Portals on Google Tricked Into S...
Data Breach: Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices...
Windows Server emergency update fixes Hyper-V VM freezes, re...
Security News: Microsoft has released an emergency update to address a known issue causing some Hyper-V virtual machines with Windows Server 2022 to freeze or restar...
Adidas warns of data breach after customer service provider ...
Data Breach: German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. [...]
Hackers Are Calling Your Office: FBI Alerts Law Firms to Lun...
Phishing: The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targe...
Russia-Linked Hackers Target Tajikistan Government with Weap...
Phishing: The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word ...
Over 70 Malicious npm and VS Code Packages Found Stealing Da...
Security News: As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS...
Google claims users find ads in AI search 'helpful'
Security News: Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful." [...]
OpenAI plans to ship an interesting ChatGPT product by 2026
Security News: OpenAI is planning to ship a new ChatGPT-powered product by 2026, but we aren't looking at yet another model. [...]
CISO's Guide To Web Privacy Validation And Why It's Importan...
Security News: Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web...
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, ...
Data Breach: Cyber threats don't show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the k...
Vibe coding company says Claude 4 reduced syntax errors by 2...
Security News: Lovable, which is a Vibe coding company, announced that Claude 4 has reduced its errors by 25% and made it faster by 40%. [...]
Leak suggests xAI is getting ready to ship Grok 3.5
Security News: xAI, founded by Elon Musk, is preparing to launch Grok 3.5, the company's next state-of-the-art AI model. [...]
ChatGPT Deep Research can now pull data from Dropbox and Box
Security News: You can now connect your Box and Dropbox accounts to Deep Research on ChatGPT and pull data, which will be used by the AI to conduct research. [...]
Hackers Use Fake VPN and Browser NSIS Installers to Deliver ...
Malware: Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Brows...
Hackers Use TikTok Videos to Distribute Vidar and StealC Mal...
Malware: The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vecto...
3 Critical Pillars of Cyber-Resilience
Ransomware: Encryption, collaboration, and AI can help organizations build up essential protection against ransomware.
How AI Is Transforming SASE, Zero Trust for Modern Enterpris...
Security News: By automating security policies and threat detection while coaching users on data protection, companies will be better able to take control of and pro...
Rethinking Data Privacy in the Age of Generative AI
Security News: The key to navigating this new GenAI landscape is a balanced approach — one that fosters transparency, strengthens regulatory frameworks, and embraces...
3 Severe Bugs Patched in Versa's Concerto Orchestrator
Security News: Three zero-days could have allowed an attacker to completely compromise the Concerto application and the host system running it.
Companies Look to AI to Tame the Chaos of Event Security, Op...
Security News: As the summer event season kicks off, venue managers and security firms aim to make AI part of the solution for keeping control of crowds and protecti...
ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,...
Security News: Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 ...
300 Servers and €3.5M Seized as Europol Strikes Ransomware N...
Ransomware: As part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized ...
SafeLine WAF: Open Source Web Application Firewall with Zero...
Security News: From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has ne...
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M ...
Malware: The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and uns...
CISA Warns of Suspected Broader SaaS Attacks Exploiting App ...
Security News: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting app...
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Resp...
Security News: Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have all...
Oops: DanaBot Malware Devs Infected Their Own PCs
Data Breach: The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-...
Picus Launches Exposure Validation to Safely Deprioritize CV...
Security News
Following Data Breach, Multiple Stalkerware Apps Go Offline
Data Breach: The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims' data.
Russian Threat Actor TAG-110 Goes Phishing in Tajikistan
Phishing: While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" ...
3AM Ransomware Adopts Email Bombing, Vishing Combo Attack
Ransomware: The emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access ...
UK Retail Cyberattacks May Drive Up US Insurance Premiums
Security News: Insurance experts weigh in on how the recent barrage of attacks against UK retailers could affect premium rates and policy requirements, as well as ho...
CISA: Russia's Fancy Bear Targeting Logistics, IT Firms
Security News: The mission is to gather information that could help Russia in its war against Ukraine.
Blurring Lines Between Scattered Spider & Russian Cyberc...
Ransomware: The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider's ties to the Russian cybercrime...
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate...
Malware: A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimbl...
Security Threats of Open Source AI Exposed by DeepSeek
Data Breach: DeepSeek's risks must be carefully considered, and ultimately mitigated, in order to enjoy the many benefits of generative AI in a manner that is safe...
Keeping LLMs on the Rails Poses Design, Engineering Challeng...
Security News: Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide...
Critical Windows Server 2025 dMSA Vulnerability Enables Acti...
Security News: A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directo...
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterpris...
Security News: A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to...
Webinar: Learn How to Build a Reasonable and Legally Defensi...
Security News: It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or managing compliance across ...
Identity Security Has an Automation Problem—And It's Bigger ...
Security News: For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights...
Critical Versa Concerto Flaws Let Attackers Escape Docker an...
Security News: Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestra...
GitLab's AI Assistant Opened Devs to Code Theft
Malware: Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty lin...
FBI and Europol Disrupt Lumma Stealer Malware Network Linked...
Malware: A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure a...
SideWinder APT Caught Spying on India's Neighbor Gov'ts
Phishing: A recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.
Experts Chart Path to Creating Safer Online Spaces for Women
Security News: Gaps in laws, technology, and corporate accountability continue to put women's safety and privacy online at risk.
Lumma Stealer Takedown Reveals Sprawling Operation
Malware: The FBI and partners have disrupted "the world's most popular malware," a sleek enterprise with thousands of moving parts, responsible for m...
Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks
Security News: Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.
Marks & Spencer Projects Cyberattack Cost of $400M
Security News: The company expects it will continue to struggle with online disruptions until at least July, due to the attack.
Pandas Galore: Chinese Hackers Boost Attacks in Latin Americ...
Security News: Vixen Panda, Aquatic Panda — both Beijing-sponsored APTs and financially motivated criminal groups continued to pose the biggest threat to organizatio...
Unimicron, Presto Attacks Mark Industrial Ransomware Surge
Ransomware: A number of major industrial organizations suffered ransomware attacks last quarter, such as PCB manufacturer Unimicron, appliance maker Presto, and m...
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy...
Security News: Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 202...
Coinbase Breach Compromises Nearly 70K Customers' Informatio...
Data Breach: Coinbase asserts that this number is only a small fraction of the number of its verified users, though it's still offering a $20 million reward to cat...
Unpatched Windows Server Flaw Threatens Active Directory Use...
Security News: Attackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present ...
NIST's 'LEV' Equation to Determine Likelihood a Bug Was Expl...
Security News: The new 'Likely Exploited Vulnerabilities' metric could be a game-changer for SecOps teams and vulnerability patch prioritization.
The Hidden Cybersecurity Risks of M&A
Security News: Merger and acquisition due diligence typically focuses on financials, legal risks, and operational efficiencies. Cybersecurity is often an afterthough...
Dark Reading Confidential: The Day I Found an APT Group in t...
Security News: Dark Reading Confidential Episode 6: Threat hunters Ismael Valenzuela and Vitor Ventura share stories about the tricks they used to track down advance...
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Tar...
Malware: Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky....
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Mi...
Malware: Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI...
Securing CI/CD workflows with Wazuh
Security News: Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different en...
How to Detect Phishing Attacks Faster: Tycoon2FA Example
Data Breach: It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the acce...
Researchers Expose PWA JavaScript Attack That Redirects User...
Phishing: Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a...
Google Chrome's Built-in Manager Lets Users Update Breached ...
Data Breach: Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detect...
Asia Produces More APT Actors, as Focus Expands Globally
Security News: China- and North Korea-aligned groups account for more than half of global attacks, and an increasing number of countries look to cyber to balance pow...
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
DDoS: KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per s...
Fake Kling AI Malvertisements Lure Victims With False Promis...
Security News: Researchers noted that they found several similar websites, two of which are still operating and require the same kind of behavior on behalf of the vi...
Virgin Media O2 Vuln Exposes Call Recipient Location
Security News: A hacker exploiting the security flaw in the mobile provider's network could have potentially located a call recipient with accuracy of up to 100 squa...
Tenable Adds Third-Party Connectors to Exposure Management P...
Security NewsTenable One now pulls in data from AWS, Microsoft, and competitors to provide a holistic security view of an organization's attack surface.
Regeneron Pledges Privacy Protection in $256M Bid for 23andM...
Security NewsRegeneron's planned acquisition of 23andMe raises significant privacy concerns as experts warn about the lack of comprehensive federal regulations gov...
Bumblebee Malware Takes Flight via Trojanized VMware Utility
Malware: An employee inadvertently downloaded a malicious version of the legitimate RVTools utility, which launched an investigation into an attempted supply c...
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Doma...
Malware: A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and...
Large Retailers Land in Scattered Spider's Ransomware Web
Ransomware: The threat group games IT help desks to gain entry into retailer networks, and signs show it has shifted its attention from the UK to US targets.
100+ Fake Chrome Extensions Found Hijacking Sessions, Steali...
Security News: An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly b...
'Hazy Hawk' Cybercrime Gang Swoops In for Cloud Resources
Security News: Since December 2023, the threat group has preyed on domains belonging to the US Centers for Disease Control and Prevention (CDC) and numerous other re...
Novel Phishing Attack Combines AES With Poisoned npm Package...
Phishing: Researchers discovered a phishing attack in the wild that takes multiple well-tread technologies like open source packages and AES encryption and comb...
Why Rigid Security Programs Keep Failing
Security News: Organizations that stay ahead of attacks won't be the most compliant ones — they'll be the ones most honest about what actually works.
AWS Default IAM Roles Found to Enable Lateral Movement and C...
Security News: Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the d...
The Crowded Battle: Key Insights from the 2025 State of Pent...
Data Breach: In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the ...
South Asian Ministries Hit by SideWinder APT Using Old Offic...
Malware: High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor ...
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Atta...
Data Breach: Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization i...
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redi...
Malware: Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The maliciou...
Malicious PyPI Packages Exploit Instagram and TikTok APIs to...
Security News: Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to valida...
'Operation RoundPress' Targets Ukraine in XSS Webmail Attack...
Phishing: A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabi...
S. Dakota CIO Gottumukkala Signs on as CISA Deputy Director
Security News: The addition is an important hire for the No. 2 position at the cyber agency. The main director role remains unfilled post-Easterly, with Bridget Bean...
Legal Aid Agency Warns Lawyers, Defendants on Data Breach
Data Breach: The online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal...
RVTools Official Site Hacked to Deliver Bumblebee Malware vi...
Malware: The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and ...
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft...
Ransomware: Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote c...
CVE Disruption Threatens Foundations of Defensive Security
Security News: If the Common Vulnerabilities and Exposures system continues to face uncertainty, the repercussions will build slowly, and eventually the cracks will ...
Why CTEM is the Winning Bet for CISOs in 2025
Security News: Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a...
Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with...
Security News: Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sens...
⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targ...
Security News: Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s re...
[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to ...
Security News: Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan co...
Coinbase Extorted, Offers $20M for Info on Its Hackers
Security News: Coinbase is going Liam Neeson on its attackers, potentially setting a new precedent for incident response in the wake of crypto- and blockchain-target...
New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on G...
Malware: Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry,...
Top 10 Best Practices for Effective Data Protection
Security News: Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy ...
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks...
Security News: Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data...
Fileless Remcos RAT Delivered via LNK Files and MSHTA in Pow...
Malware: Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access tr...
Breachforums Boss to Pay $700k in Healthcare Breach
Data Breach: In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $...
Patch Tuesday, May 2025 Edition
Security News: Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that ...
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
Phishing: A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in ...
xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
Data Breach: An employee at Elon Musk's artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to...
Alleged ‘Scattered Spider’ Member Extradited to U.S.
Security News: A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United ...
DOGE Worker’s Code Supports NLRB Whistleblower
Security News: A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE)...
Whistleblower: DOGE Siphoned NLRB Case Data
Security News: A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk's Department of Government Efficiency (DOGE)...
Funding Expires for Key Cyber Vulnerability Database
Security News: A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware...