What practical AI attacks exist today? “More than zero” is the answer – and they’re getting better.

MITRE has officially unveiled its highly anticipated D3FEND CAD tool as part of the D3FEND 1.0 release. This new Cyber Attack-Defense (CAD) tool is designed to transform how security professionals...

The Moroccan authorities have warned users of a critical vulnerability in the popular WordPress plugin, InstaWP Connect. The General Directorate of Information Systems Security (DGSSI), which...

A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk's Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from...

Discover how cybercriminals use malicious Traffic Distribution Systems like TAG-124 to deliver ransomware and malware to high-value targets in healthcare and critical infrastructure.

CVE-2025-32433 is a remote code execution vulnerability in the SSH server implementation within Erlang’s OTP libraries (affecting versions legendary CVSS score of 10.0 and became known as a...

CVE-2025-31324 is a critical zero-day vulnerability in the SAP NetWeaver Visual Composer component (CVSS 10.0) that enables unauthenticated remote code execution (RCE). The flaw, caused by missing...

A recent malware campaign targeting Docker showcases a novel form of cryptojacking that abuses legitimate Web3 services for profit while employing heavy layers of obfuscation to evade detection....

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting...

An intense debate over how best to administer the tracking of common vulnerabilities and exposures (CVEs) is now underway following a last-minute decision by the Trump administration to continue...

A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active...

The city of Abilene disconnected servers after officials detected a cyber incident last week.

I think you’ll agree with me that growth in the AI landscape is pretty full-on at the moment. I go to sleep and wake up only to find more models have been released, each one outdoing the last one...

The ruling strikes at NSO Group’s fundamental strategy in the case, one observer noted. The post Judge limits evidence about NSO Group customers, victims in damages trial appeared first on CyberScoop.

Ukrainian President Volodymyr Zelenskyy has signed a sweeping cybersecurity bill aimed at bolstering the protection of state networks and critical infrastructure amid an ongoing surge in...

Fake Booking.com emails trick hotel staff into running AsyncRAT malware via fake CAPTCHA, targeting systems with remote access…

Unified model context, real-time security answers, and a faster path to remediation.

There’s nothing like the freedom of the open road when you’re on a motorcycle. But staying connected while…

Japan’s Financial Services Agency (FSA) warned last week of the growing threat of hacked trading accounts that has resulted in nearly US $700 million in unauthorized trades since March. The FSA...

The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on...

In a statement to CyberScoop, acting Director Bridget Bean said that encouraging the private sector to build more secure products will continue to be a priority at the agency. The post Multiple...

ChatGPT can 'read' your photos for location clues - even without embedded GPS or EXIF data. Here's why that could be a problem.

How to overcome hidden hurdles and accelerate adoption, as told by Broadcom experts

Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside everyday...

Morphisec discovers a new malware threat ResolverRAT, that combines advanced methods for running code directly in computer memory,…

PebbleDash is a backdoor malware that was previously identified by the Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. as a backdoor malware of Lazarus (Hidden Corba) in 2020....

AhnLab SEcurity intelligence Center (ASEC) recently discovered a malicious LNK file being distributed to Korean users for the purpose of stealing user information. This type of malware collects...

The Aqara Camera Hub G5 Pro provides AI-powered visual recognition technology with a host of home security features. Best of all, it doesn't require a monthly subscription.

Frenos, a company specializing in autonomous OT security assessment platforms, has alerted OT (operational technology) security professionals to... The post Frenos warns OT sector of critical...

U.S. Senators Gary Peters (D-MI) and Mike Rounds (R-SD) have introduced a bipartisan bill to extend vital provisions from the Cybersecurity Information Sharing Act of 2015. The new legislation,...