Cisco Talos reported that a Chinese group has deployed web shells and malware in local government networks post-exploitation

Hackers. AI data scrapes. Government surveillance. Thinking about where to start when it comes to protecting your online privacy can be overwhelming. Here’s a simple guide for you—and anyone who...

Cyber-physical systems (CPS) protection company Claroty signed a strategic partnership with Ignition Technology, a specialist cloud and SaaS... The post Claroty and Ignition Technology join forces...

Finite State has expanded its executive team with the appointments of Tim Quock as chief operating officer and... The post Finite State appoints Tim Quock and Beth Linker to drive growth, product...

The International Society of Automation (ISA), a professional society for automation, announced that the Utilities Technology Council (UTC)... The post UTC joins ISASecure to strengthen...

2025-05-23 • TechCrunch • Lorenzo Franceschi-Bicchierai • osx.careto, win.careto Open article on Malpedia

2025-05-20 • KrebsOnSecurity • Brian Krebs • elf.airashi, elf.aisuru Open article on Malpedia

2025-05-22 • KrebsOnSecurity • Brian Krebs • win.danabot Open article on Malpedia

2025-05-22 • Flashpoint • Flashpoint • win.danabot Open article on Malpedia

2025-05-22 • ESET Research • Tomáš Procházka • win.danabot Open article on Malpedia

The US National Institute of Standards and Technology (NIST) published a white paper introducing a new metric called Likely Exploited Vulnerabilities (LEV)

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, we look back on...

Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are "helpful." [...]

Five major banking associations have formally petitioned the U.S. Securities and Exchange Commission (SEC) to repeal a rule that mandates public companies to disclose material cybersecurity...

OpenAI is planning to ship a new ChatGPT-powered product by 2026, but we aren't looking at yet another model. [...]

This is a weekly threat intelligence report review from RST Cloud. This week, we processed 76 threat intelligence articles and compiled a concise summary of each, along with the pertinent metadata...

FBI warns law firms: Silent Ransom Group uses phishing emails and fake IT calls to steal data, demanding ransom to prevent public leaks. The agency is also urges victims to share ransom evidence.

Lovable, which is a Vibe coding company, announced that Claude 4 has reduced its errors by 25% and made it faster by 40%. [...]

xAI, founded by Elon Musk, is preparing to launch Grok 3.5, the company's next state-of-the-art AI model. [...]

You can now connect your Box and Dropbox accounts to Deep Research on ChatGPT and pull data, which will be used by the AI to conduct research. [...]

A new report claims that OpenAI's o3 model altered a shutdown script to avoid being turned off, even when explicitly instructed to allow shutdown [...]

AhnLab SEcurity intelligence Center (ASEC) has recently identified cases of attacks installing CoinMiners in Korean Internet cafés. The threat actor is believed to have been active since 2022, and...

Just 24 hours left to lock in Early Bird pricing for TechCrunch Disrupt 2025 — happening October 27–29 at Moscone West in San Francisco. Save up to $900 on your pass, or bring someone brilliant...

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The...

Glitch has announced it is ending app hosting and user profiles on July 8, 2025, responding to changing market dynamics and extensive abuse problems that have raised operational costs. [...]

Creating industrial cybersecurity leadership involves fundamentally altering the mindset, one that mirrors the changing nature of the threat... The post Industrial cybersecurity leadership is...

Most of what’s sold as “threat intelligence” today isn’t intelligence at all.Instead, it’s data, lists of IP addresses, hashes, and domains, with little to no context. These indicators of...

Beyond the noise, capability vs influence

A critical XSS vulnerability, CVE-2024-27443, in Zimbra Collaboration Suite’s CalendarInvite feature is actively being exploited, potentially by the…

SK Telecom reveals malware intrusion that remained hidden for nearly two years, led to the leaking of 26.69…