Fake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major…

The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including...

Riot’s “anti-cheat artisan” Phillip Koskinas explains how he and his team go after cheaters and cheat developers to protect the integrity of games, such as Valorant and League of Legends.

Plus: France blames Russia for a series of cyberattacks, the US is taking steps to crack down on a gray market allegedly used by scammers, and Microsoft pushes the password one step closer to death.

Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025. [...]

DragonForce ransomware group is targeting major UK retailers. Learn about this evolving threat and what steps can be taken to mitigate risk.

Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes. The post Amazon,...

Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes. The post Amazon,...

A photo taken this week showed Mike Waltz using an app that looks like—but is not—Signal to communicate with top officials. "I don't even know where to start with this," says one expert.

Data brokers gather and sell personal information to various companies. Unfortunately, these brokers suffer from data breaches just like any other company.

Blockchains have a concept known as gas. Like what you put in your car, it calculates how far you have gone. The only difference is that this one is computational complexity versus the distance on...

The app claims it uses end-to-end encryption, but spilled its users' dating preferences and granular location data to the open web.

Ireland's Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by...

German police seized the dark web shop Pygmalion, gaining access to customer data linked to over 7,000 drug…

A budget summary doesn’t give specific details on which programs it would cut, instead providing a broad outline. The post Trump administration proposes cutting $491M from CISA budget appeared...

Luxury retailer Harrods confirms a cyber attack attempt, restricting internet access but keeping its online store running. Learn…

Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community - all free to import and...

The Co-op cyberattack is far worse than initially reported, with the company now confirming that data was stolen for a significant number of current and past customers. [...]

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving...

Harrods, the iconic British luxury department store, has confirmed that it was recently targeted in a cybersecurity incident, becoming the third major UK retailer in just a few days to report a...

From the power of collaborative defense to identity security and AI, catch up on the event's key themes and discussions

The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding two vulnerabilities, CVE-2024-38475 and CVE-2023-44221, that...

A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. [...]

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities

Ransomware may be a true Phantom Menace, but you’re not without defenses this May the 4th (and beyond)

FBI shares 42,000 domains linked to seized PhaaS, PurpleHaze targets infrastructure of security vendors, and unknown APT spies on Uyghur activists.

NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory”

A quarter century ago, a former computer science student from the Philippines accidentally unleashed one of the most destructive computer viruses in modern history.

A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant...

Wiz is excited to bring Data Security Posture Management (DSPM) into our FedRAMP authorized offering. DSPM enables organizations requiring FedRAMP to automate classification, policy enforcement,...