Plus: China sentences scam bosses to death, Europe is ramping up its plans to build a “drone wall” to protect against Russian airspace violations, and more.

A spike in suspicious scans targeting Palo Alto Networks login portals indicates clear reconnaissance efforts from suspicious IP addresses, researchers warn. [...]

Hackers stole partial payment information and personally identifying data associated with some Discord users after compromising a third-party customer service provider. [...]

Hackers stole partial payment information and personally identifiable data, including names and government-issued IDs, from some Discord users after compromising a third-party customer service...

In August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients, suffered a data breach and subsequent ransom demand of US$50k. The data was subsequently leaked...

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat...

Before making a change to legacy code, you must understand the code. This often requires understanding why it does the things it does which may not be obvious 10+ years after code was written....

SP1 is a zero-knowledge virtual machine (zkVM) that enables developers to prove the execution of arbitrary programs that can be compiled to RISC-V. Most of the code that uses this is written in...

The author of this post was curious about the various AI-native security scanners. They wanted to find a product on the market that could identify vulnerabilities in code during a code review...

A vulnerability on a popular source-code editor has been recently released along with a proof-of-concept (POC) exploit, but the security community isn’t so sure that it’s a legitimate flaw.

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to...

Article. Report.

Opera Neon is a new browser that puts AI in control of your tabs and browsing activities, but it'll cost $19.90 per month. [...]

Police in El Cajon, California, searched their Flock Safety database of license plate activity on behalf of multiple out-of-state entities — in violation of California law — according to Attorney...

Brazilian users have emerged as the target of a new self-propagating malware dubbed SORVEPOTEL that spreads via the popular messaging app WhatsApp. The campaign, codenamed Water Saci by Trend...

Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern...

A threat actor that's known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT....

A new gunshot detection system from Flock Safety also can track human voices. Civil liberties advocates are urging cities not to use it.

In their newest escalation of activities since saying “goodbye” and then determinedly trying to create more chaos on Telegram. the Scattered LAPSUS$ Hunters collective (for lack of a better word...

Cybersecurity has been stuck in reaction mode for too long. Detect, respond, patch, repeat. That cycle isn’t working anymore. Threat actors are moving faster, scaling wider, and using AI to...

ProAPIs, a software company, and its CEO Rahmat Alam allegedly run an operation which LinkedIn says charges customers up to $15,000 per month for scraped user data taken from the social media platform.

Documents show that ICE plans to hire dozens of contractors to scan X, Facebook, TikTok, and other platforms to target people for deportation.

Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. [...]

Customers of Renault and Dacia in the United Kingdom have been notified that sensitive information they shared with the car maker was compromised following a data breach at a third-party provider. [...]

Splunk has disclosed six critical security vulnerabilities impacting multiple versions of both Splunk Enterprise and Splunk Cloud Platform. These Splunk vulnerabilities, collectively highlighting...

Japanese beer-making giant Asahi has disclosed today that a ransomware attack caused the IT disruptions that forced it to shut down factories this week. [...]

An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave of Salesforce breaches, leaking samples of data stolen in the attacks. [...]

A new attack called 'CometJacking' exploits URL parameters to pass to Perplexity's Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and...

Boards want answers on AI: Where is it used? What risks does it create? How is it governed? Keep Aware released a free template to help CISOs present GenAI adoption, risk, exposure & controls...

As we kick off Cybersecurity Awareness Month, AI security challenges take the spotlight. Meanwhile, new marching orders say OT security teams need a comprehensive view of their systems. And get...