Talos Content Manager Amy introduces themself, shares her unconventional journey into cybersecurity and reports on threats masquerading as AI installers.

The Kingston IronKey Vault Privacy 80 features real-time AES-256 bit encryption, dual read-only modes, and password protection. The 2TB version is on sale right now at Amazon.

The U.S. website of Victoria’s Secret is down after an unspecified security incident, the latest in a series of cyber incidents hitting retailers. A status message on the Victoria’s Secret website...

The Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams.

Funnull Technology supports “hundreds of thousands of websites” dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Department’s...

Cisco Talos uncovers CyberLock ransomware, Lucky_Gh0$t, and Numero malware masquerading as legitimate software and AI tool installers. Learn…

Cisco Talos uncovers CyberLock ransomware, Lucky_Gh0$t, and Numero malware masquerading as legitimate software and AI tool installers. Learn…

The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to...

Cybercriminals have hacked into thousands of Asus routers, possibly as a prelude to a widescale botnet attack, says a security firm.

If the adage, “The only thing constant is change,” resonates with you as much as it does me, then I’d venture a guess that you’re more than familiar with the constant flux of today’s technology...

The firm’s remote monitoring management tool, ScreenConnect, has reportedly been patched

IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers. [...]

ASEC Blog publishes “Mobile Security & Malware Issue 5st Week of May, 2025”

In a bold pivot toward modern warfare, the UK Ministry of Defence (MOD) has announced a £1 Billion (approximately $1.35B) investment to build out a battlefield AI system dubbed the “Digital...

Reflecting on 10 years since its launch, the honeypot maker explains why the company did not take on any VC funding.

The second-generation Blink Video Doorbell delivers a wider field of view, enhanced night vision, upgraded person detection, and more.

TXOne Networks, vendor of cyber-physical systems (CPS) security, announced a partnership with Foxguard, a Framatome subsidiary, to strengthen... The post TXOne, Foxguard partner to boost OT...

Fullscreen Browser-in-the-Middle attacks are making it harder for users to detect malicious websites

PALO ALTO, California, 29th May 2025, CyberNewsWire

Fortinet spots new malware that corrupts its own headers to block forensic analysis, hide behavior, and communicate with its C2 server.

Fortinet has identified a new Windows RAT operating stealthily on compromised systems with advanced evasion techniques

Symantec Endpoint Security Complete and Carbon Black Cloud earn coveted AAA rating by scoring 100% for detecting and blocking hundreds of ransomware attacks

Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear legitimate and eliminating the risk of them getting flagged by security tools. [...]

A weakness in Apple's Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. [...]

A threat actor has used ASUS routers’ legitimate features to create persistent backdoors that survive firmware updates and reboots

TCC Bypass vulnerability has been found in three macOS applications: Poedit (CVE-2025-4280), Viscosity (CVE-2025-4412), DaVinci Resolve (CVE-2025-4081)

The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million...

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech...

A new EY report found that cybersecurity teams are a major vehicle for business growth, and CISOs should push for a seat at the top table

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload...