North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools.

North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools.

Meta Platforms on Wednesday announced that it's adding support for passkeys, the next-generation password standard, on Facebook. "Passkeys are a new way to verify your identity and login to your...

Cato Networks researchers demonstrated an attack leveraging Atlassian’s AI agent-enabling server

The U.S. Department of Justice has seized more than $225 million in cryptocurrency linked to investment fraud and money laundering operations, the largest crypto seizure in the history of the U.S....

GenAI, credential theft, third-party risks—Verizon's 2025 DBIR reveals what's putting your org at risk. Join DBIR author Alex Pinto & LayerX CEO Or Eshed as they break down this year's key...

At the ongoing ISA OT Cybersecurity Summit in Brussels, the International Society of Automation (ISA) announced the upcoming... The post ISA’s ACSSA scheme targets patchwork OT security with...

Microsoft has announced new Windows 365 security defaults starting in the second half of 2025 and affecting newly provisioned and reprovisioned Cloud PCs. [...]

An alleged former member of the infamous Ryuk ransomware group has been extradited to the US

ChatGPT appears to be testing support for Gmail and Google Calendar integration. This will allow users to summarise emails and create events. [...]

A new report from Runsafe Security highlights how medical device cybersecurity has shifted from a traditional IT issue... The post Runsafe report: Medical device cyberattacks threaten patient...

iOT365, a global vendor of OT (operational technology) and IoT (Internet of Things) cybersecurity solutions, and Civitas Group,... The post iOT365, Civitas Group partner to deliver advanced OT,...

Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The...

I have tested and ranked the best iPhone password managers to help you keep all of your logins secure. These are my favorites.

Using polyglot files, involving the 7-Zip vulnerability and the 0-click vulnerability in MS Windows – there are some interesting details of attacks on industrial enterprises disclosed at this quarter.

Pro-Israel Predatory Sparrow Group steals $90m in crypto from Iranian exchange Nobitex

The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and "scareware" sites. [...]

Satellite communications company Viasat is the latest victim of China's Salt Typhoon cyber-espionage group, which has previously hacked into the networks of multiple other telecom providers in the...

Cloud Software Group has released a security bulletin warning customers of two newly identified vulnerabilities, CVE-2025-5349 and CVE-2025-5777, affecting both NetScaler ADC (formerly Citrix ADC)...

You'll soon be able to protect your Facebook account with a secure and convenient passkey, though only mobile devices will be supported.

U.S. doughnut chain Krispy Kreme confirmed that attackers stole the personal information of over 160,000 individuals in a November 2024 cyberattack. [...]

GitHub Actions provides a policy mechanism to limit the kinds of actions and reusable workflows that can be used. The policies eliminate the failure mode of adding malicious or harmful workflows...

It’s not often you experience convergence or recognize it when it happens. For me, it wasn’t one big... The post Recognizing Convergence in Real Time appeared first on Industrial Cyber.

A member of the notorious Ryuk ransomware operation who specialized in gaining initial access to corporate networks has been extradited to the United States. [...]

Analysis of the TAG-140 cyber espionage campaign targeting Indian government organizations, focusing on the development and deployment of the modified DRAT V2 remote access trojan.

Streamline remediation by delivering prioritized security issues straight to Zendesk

The primary smart contract development language is Solidity. However, this contains many, many footguns that the developers of Stacks have tried to fix. This post goes into he design of their...

Golang's parsing for JSON, XML, and YAML has some peculiar properties that the author of this post decided to investigate. When unmarshalling JSON, the fields in Golang can be explicitly set with...

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been...

A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network. "The campaigns...