Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks and their potential defenses are dangerously...
The Australian government has intensified efforts to protect digital infrastructure across all Commonwealth entities. Two recent publications, the 2024–25 Protective Security Policy Framework...
Fears over a drug cartel drone over Texas sparked a recent airspace shutdown in El Paso and New Mexico, highlighting just how tricky it can be to deploy anti-drone weapons near cities.
In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum. In January 2026, the company confirmed it had suffered a data breach. The incident...
PLUS: India demands two-hour deepfake takedowns; Singapore embraces AI; Japanese robot wolf gets cuddly; And more Asia In Brief The United States may be about to change its policies regarding...
Learn how network intelligence gives security teams control over threat investigation with global visibility—no more drowning in generic, passive threat feeds.
PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more Infosec in Brief The former General Manager of defense contractor L3Harris’s cyber...
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System...
Following a cybersecurity breach, the Land and Agricultural Development Bank of South Africa is under scrutiny as reports emerge of a R50 million ransom demand. The bank has confirmed the incident...
Overview OAST domains appeared across multiple HTTP fields: request bodies (4,331 occurrences, 52.8%), URI paths (1,709, 20.8%), request header values (1,272, 15.5%), URL paths (392, 4.8%),...
Eric Neugeboren reports: Nevada’s IT agency has rolled out a new policy aimed at standardizing the privacy of state data, months after a massive cyberattack crippled certain systems for weeks. The...
This is a current list of where and when I am scheduled to speak: I’m speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, 2026. I’m speaking at the...
itv reports: Guernsey’s Data Protection Authority (ODPA) has sanctioned First Contact Health after it failed to implement sufficient security measures to prevent a phishing attack. The...
Abby Sourwine reports: Ransomware attacks against schools and universities held relatively steady in 2025, but the scale of data exposure rose sharply, driven in part by third-party software...
Reza abasi notes that there is a new forum called the “Kurd Hacker Forum” that focuses on databreaches in Iran, Syria, and Turkey. The domain was registered January 28, 2026. The forum, which is...
Zack Whittaker reports: Dutch phone company Odido has confirmed a data breach affected millions of its customers. The company said in a statement Thursday that unidentified hackers gained access...
Plus: Meta plans to add face recognition to its smart glasses, Jared Kushner named as part of whistleblower’s mysterious national security complaint, and more.
The Mexican city of Guadalupe, which will host portions of the 2026 World Cup, recently showed off four new robot dogs that will help provide security during matches at BBVA Stadium.
We discuss the extensive use of malicious QR codes using URL shorteners, in-app deep links and direct APK downloads to bypass mobile security. The post Phishing on the Edge of the Web and Mobile...
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack...
An exploration of the interesting question.
Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according...
A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services sectors,...
Their headline was, “Attorney General Ken Paxton Demands Information from Blue Cross Blue Shield of Texas and Conduent as Part of Investigation into Largest Data Breach in U.S. History,”...
Tenable security advisory (AV26-129)
Juniper Networks security advisory (AV26-128)
As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now...
Authorities crack down on global cyber scams, state-backed APTs weaponize Gemini AI for attacks, and PRC-based UNC3886 targets major telcoms.
Heekyong Yang and Hyunjoo Jin report: South Korean officials blamed a massive data leak last year at Coupang on management failure, rather than a sophisticated cyberattack, and urged the...
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]