Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. [...]

We’ve been named a Google Cloud Partner of the Year for Data Security

Background UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen...

The UFO-like design of AirTags makes them a pain to attach to things. But I found a solution that makes the best finder tags available much easier to use.

Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. [...]

Barracuda is excited to announce a new generation of advanced web security devices. Get the details in this post.

Wiz is excited to announce “The Cloud Hunting Games”, a new hands-on Capture the Flag (CTF) challenge designed to test your cloud incident response skills.

Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers

The Legal Aid Agency (LAA), an executive agency of the UK's Ministry of Justice that oversees billions in legal funding, warned law firms of a security incident and said the attackers might have...

We are thrilled to share that Barracuda has been honored with six prestigious awards recognizing our leadership and innovation in email security, managed XDR and data protection.

The financially motivated Golden Chickens group, known for operating under a MaaS model, has been linked to two newly identified malicious strains, TerraStealerV2 and TerraLogger, which indicates...

The U.S. Department of Defense (DoD) released on Monday details of an initiative, ‘Accelerating Secure Software,’ and kicked... The post US DoD gets set to develop SWFT framework, issues RFIs to...

Digital transformation company Atos announced Monday the launch of its SecureHorizons NIS2 Compliance Manager Application, powered by ServiceNow,... The post Atos launches SecureHorizons NIS2...

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and...

Finding a solution to make private conversations truly private must be a top priority for technologists. The post After Signal controversy, do private conversations online exist anymore? appeared...

Microsoft is investigating a new Microsoft 365 outage affecting multiple services across North America, including the company's Teams collaboration platform. [...]

New research shows Google Cloud and smaller providers have the highest cloud vulnerability rates as compared to AWS…

Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in...

Prolific PhaaS operation Darcula uses Magic Cat software to steal over 800,000 cards in a seven-month period

You can't protect what you can't see. From shadow IT to supplier risk, modern attack surfaces are sprawling fast — and External Attack Surface Management (EASM) is how security teams take back...

Lampion malware distributors are now using the social engineering method ClickFix. Read our analysis of a recent campaign. The post Lampion Is Back With ClickFix Lures appeared first on Unit 42.

Learn more about the framework Talos IR uses to conduct proactive threat hunts, and how we can help you stay one step ahead of emerging threats.

A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and...

Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. [...]

The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen

Vibe coding has attracted much attention in recent weeks with the release of many AI-driven tools. This blog answers some of the Frequently Asked Questions (FAQ) around vibe coding.BackgroundVibe...

Today, Microsoft announced new Windows experiences for Copilot+ PCs, including AI agents that will make changing settings on your Windows computer easier. [...]

Customs and Border Protection has called for tech companies to pitch real-time face recognition technology that can capture everyone in a vehicle—not just those in the front seats.

Have you received a text message about an unpaid road toll? Make sure you’re not the next victim of a smishing scam.