Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the Operation...
An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years. [...]
Let's talk about the sector that keeps our lights on, water running, and industries humming—and why it's become ransomware's favorite target. In 2025, the global energy and utilities sector faced...
In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach. The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes.
Police found cameras pointing at infrastructure Indian authorities have reportedly ordered an audit of the nation’s CCTV cameras, after police uncovered what they claim was a Pakistan-backed...
An Iraqi member of a pro-Iran hacking collective claimed to have attacked United Nations and international law enforcement organizations’ websites today. While many of the site attacks reported by...
In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP. The incident impacted 293k unique email addresses and names....
On 2026-03-26, an incident was reported, involving an unknown actor, gaining initial access via Unknown, to achieve Supply chain attack.
The Problem Nobody Wants to Talk AboutLet me paint a picture most security leaders will recognize.You have 30+ policies living as Word documents on SharePoint. Half of them have filenames like…
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website...
The Armenian man faces three counts for his role for allegedly administering “one of the most prevalent infostealing malware variants in the world.” The post Alleged RedLine infostealer...
Gary Fineout reports: Sen. Rick Scott is suing a major government contractor for damages after his tax returns were leaked along with other prominent and wealthy figures, including President...
A proof-of-concept attack on Context Hub suggests there's not much content santization A new service that helps coding agents stay up to date on their API calls could be dialing in a massive...
They cleverly mimic most traits of a real phone Smartphones have fast become the basis of our digital identities, securing payment systems and bank accounts. Now virtual devices that pretend to be...
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan...
Ex-CISA boss also says no reason to panic about AI and security RSAC 2026 "Everybody feels massive FOMO if they don't get to RSAC," Jen Easterly says.…
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. [...]
Four former NSA bosses walk onto the stage at RSAC… rsac 2026 There's a theoretical red line with cyber warfare. Cross it, and the US will respond with a physical attack like missile strikes. And...
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. [...]
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled...
The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya...
Orchestrate customizable workflows with agents, enabling end-to-end discovery and response in Wiz
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada,...
The incident highlights growing concerns over the security of the open-source software supply chain, where widely-used tools maintained by small teams can provide a gateway into thousands of...
As political trust frays between Washington and parts of Europe, private industry may have to move faster than governments to keep transatlantic cyber cooperation on track. That was the core...
Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. [...]
Senior researcher Alberto Fittarelli spoke with the New York Times about the double threat of AI-produced disinformation. “Verifying everything is incredibly exhausting, and not everyone can...
A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them for cryptocurrency wallets. [...]
The rise of agentic systems is changing how organizations think about defense and risk. As enterprises embrace autonomous decision-making, the agentic AI attack surface expands in ways that...
As war reshapes the Gulf, the satellite infrastructure the world relies on to see conflict clearly is being delayed, spoofed, and privately controlled—and nobody is sure who is responsible.