Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. [...]
A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations – one that has nothing to do with budget size...
Generative AI is rapidly becoming a critical component of information warfare. A number of violent non-state actors are beginning to embrace this new technology, which has substantially altered...
The number of extortion-related cyberattacks increased by roughly 63% in 2025 to 6,800, according to Intel 471’s report, which is based on data from the company’s analysis of dark-web forums. The...
The Trump administration’s push for aggressive cybersecurity tactics that would tap the private sector to help disrupt suspected malicious cyber actors is sparking questions about how far...
Romania's national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. [...]
Lawmakers made no apparent progress toward a deal Wednesday on an extension of Department of Homeland Security funding, and the Senate appears set to leave town Thursday despite the Feb. 13...
World Leaks, the cyber-criminal data extortion group which has targeted some of the world’s biggest companies, has added a novel, never-before-seen malware to their arsenal, research by Accenture...
Flaw abused ''in an extremely sophisticated attack against specific targeted individuals' Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company...
Introduction In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (AI) to accelerate the attack lifecycle,...
Researchers found that APT groups were using the AI tool for coding and scripting tasks, gathering information about potential targets, researching publicly known vulnerabilities and enabling...
DragonForce is a ransomware group that first emerged on December 13, 2023, when a user identified as @dragonforce on BreachForums uploaded stolen data. The group developed and deployed its own...
The abrupt closure of El Paso’s airspace late Tuesday was precipitated when Customs and Border Protection officials deployed an anti-drone laser on loan from the Department of Defense without...
Dutch telecommunications provider Odido is warning that it suffered a cyberattack that reportedly exposed the personal data of 6.2 million customers. [...]
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting...
The use of cryptocurrency in sales of human beings for prostitution and scam compounds nearly doubled in 2025, according to a conservative estimate. Many of the deals are happening in plain sight.
Top Class Actions reports a settlement stemming from the Citrix Bleed” data breach it suffered in 2023: A Pennsylvania federal judge has granted preliminary approval to a $117.5 million class...
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary...
New York is contemplating a bill that adds surveillance to 3D printers: New York’s 20262027 executive budget bill (S.9005 / A.10005) includes language that should alarm every maker, educator, and...
Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking...
Executive Summary Cyble Research and Intelligence Labs (CRIL) observed large-scale, systematic exposure of ChatGPT API keys across the public internet. Over 5,000 publicly accessible GitHub...
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The...
Ryan Liles reveals how he bridges the gap between Cisco’s product teams and third-party testing labs, mastering the art of technical diplomacy while driving industry standards forward and keeping...
Whoever gets it will steer UK department's IT, AI strategy, and megabucks vendor deals The UK Ministry of Defence (MoD) is offering between £270,000 to £300,000 for a senior digital leader who...
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle
AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds...
“Tenable’s asset and attack surface coverage, its application of AI and its reputation for vulnerability assessment makes it the front-runner in AI-powered exposure assessment,” Gartner writes in...
“Tenable’s asset and attack surface coverage, its application of AI and its reputation for vulnerability assessment makes it the front-runner in AI-powered exposure assessment,” Gartner writes in...
A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information. [...]
Two Russian nationals stand trial in Paris in a case emblematic of the wave of ransomware attacks that France has seen for more than six years. The trial opening Wednesday, February 11, before the...