TeamPCP’s operations center on abusing unauthenticated or weakly protected orchestration and management interfaces rather than exploiting traditional endpoints. Initial access is achieved via...
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence...
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass...
The growing threat of automated attack infrastructure
LLMs automated most phases of the attack A digital intruder broke into an AWS cloud environment and in just under 10 minutes went from initial access to administrative privileges, thanks to an AI...
Suspected Chinese state-backed hackers hijacked the Notepadd++ update infrastructure to deliver backdoored version of the popular free source code editor and note-taking app for Windows.
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check...
If you noticed a lot of dark web leak site listings by a new group, 0apt, and have been concerned about whether they might be a dangerous and prolific group, the DataBreach[.]com team (no...
US agencies told to patch by Friday Attackers are exploiting a critical SolarWinds Web Help Desk bug - less than a week after the vendor disclosed and fixed the 9.8-rated flaw. That's according to...
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge: Identity Lives Outside the Identity Stack Identity and access...
Supply chains are essential infrastructure. They shape what countries can build, what they can secure and what they can sustain under pressure. That argument sits at the center of a recent episode...
For those of you who have not yet tried it, check out Tooble. Its a point and click tool that lets you download videos from the youtube.. its pretty cool and allows u to pull/convert videos pretty...
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information...
A newly formed Russian hacker alliance known as Russian Legion has launched a coordinated cyberattack campaign against Denmark, threatening critical infrastructure and government services. The...
Harmful cyber operations are growing in pace, scale and impact. Cyber operations targeting critical infrastructure have increased significantly in recent years. The number of cyber actors is also...
In the first part of our LockBit 5.0 series, where we analyzed 19 samples of the latest version of this cross-platform ransomware, we provided a comprehensive technical analysis of its ESXi...
Spain announced plans on Tuesday to introduce an Australia-style social media ban for under-16s as part of a broader crackdown on tech giants over systemic failures to protect users from harm....
Muleshoe, population 5,000, sits in the Texas Panhandle, next to the New Mexico state line, and about as far away from Ukraine as anywhere can be. A small, arid town linked to the outside world by...
Congress has 10 days to prevent another shutdown — this one exclusively affecting the Department of Homeland Security. There’s not much optimism about a deal. At issue is one of the thorniest...
The Trump administration needs help from industry to reduce the cybersecurity regulatory burden and to back important cyber legislation on Capitol Hill, among other areas, National Cyber Director...
Hear a tale about the time the BHIS SOC team conducted a 14-hour overnight incident response... from the Wild West Hackin' Fest conference in Deadwood, South Dakota. The post When the SOC Goes to...
The new research from Jamf Threat Labs demonstrates how Predator spyware can stay hidden on targeted phones by “intercepting sensor activity” to hide the indicators.
Key Points Introduction Check Point Research has identified several campaigns targeting multiple countries in the Southeast Asian region. These related activities have been collectively...
Gang walks away with nothing, victims are left with irreparable hypervisors Cybersecurity experts usually advise victims against paying ransomware crooks, but that advice goes double for those who...
Microsoft has warned that information-stealing attacks are "rapidly expanding" beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing...
How research, analysis, and communication turn signals into insight
John Beauge reports an update to the previously reported case of a former Nuance Communications employee who compromised the protected health information of more than 1.3 million Geisinger Health...
Ransomware groups claimed more than 2,000 attacks in the last three months of 2025 – and they’re starting 2026 at the same elevated pace. Cyble recorded 2,018 claimed attacks by ransomware groups...
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m actually impressed to see a declassification only two...
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the...