Early into his tenure leading U.S. Southern Command, Marine Corps Gen. Francis Donovan is ramping up drone and AI-enabled operations to disrupt maritime drug trafficking and dismantle networks of...
AI is uncovering vulnerabilities at a scale that will overwhelm legacy defenses. Here is how to build a security organization that is Mythos ready.Key takeawaysWhile frontier AI models like Claude...
Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft's Windows Admin Center (WAC) and suggest this shows...
Department of Homeland Security researchers showed lawmakers just how easy it is for bad actors to weaponize artificial intelligence models to build a bomb, plan a terror attack or launch a...
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. [...]
President Donald Trump’s pick to lead the government’s civilian cyber defense agency is withdrawing from consideration after his candidacy languished in the Senate. Sean Plankey informed Homeland...
Ukrainian authorities have dismantled a so-called “bot farm” that police say was supplying thousands of fake social media accounts to Russian intelligence services for use in disinformation...
The nonprofit Sandy Hook Promise sought to turn a tragedy into a force for good. Using tips to its “Say Something Anonymous Reporting System,” the group formed by parents of children who died in...
404 Media reports (alternate site): The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the...
China’s cyber-espionage capabilities are now as sophisticated as the U.S.’s and are increasingly targeting Western defense industries, said the head of Dutch military intelligence. Dutch Vice Adm....
Orgs can now buy UK cyber agency engineered commercial gadget, but details are slim GCHQ's cyber arm has entered the hardware game with its first device designed to prevent cyberattacks on display...
The U.S. military’s massive $1.5 trillion budget request for the next fiscal year includes what Pentagon officials described as the largest investment in drone warfare and counter-drone technology...
Lawmakers at a hearing Tuesday explored ways to beef up punishments for ransomware attacks against hospitals, possibly by labeling them as more severe crimes. One proposal floated at the House...
This quarter, the percentage of ICS computers on which worms were blocked increased noticeably in the region.
The UK could face “hacktivist attacks at scale” if it becomes embroiled in a conflict and the impact could be similar to recent high-profile ransomware incidents, according to the head of the...
Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its "My Rituals" membership database. [...]
The EU Agency for Cybersecurity (ENISA) published an updated version of its National Capabilities Assessment Framework, NCAF 2.0,... The post ENISA updates NCAF 2.0 to help governments measure and...
A small group of unauthorized users have accessed Anthropic PBC’s new Mythos AI model, a technology that the company says is so powerful it can enable dangerous cyberattacks, according to a person...
U.K. National Cyber Security Centre (NCSC) released new cross-domain guidance aimed at helping government, industry and the wider... The post UK NCSC details cross domain model to secure data...
Password resets are one of the easiest ways for attackers to bypass security controls. Specops Software shows how helpdesk social engineering turns a seemingly legitimate reset request into full...
The World Economic Forum (WEF) warns that the emergence of advanced AI systems such as Anthropic’s Mythos marks... The post Anthropic’s Mythos signals new era of autonomous cyber threats, raising...
Unit 42 reveals how multi-agent AI systems can autonomously attack cloud environments. Learn critical insights and vital lessons for proactive security. The post Can AI Attack the Cloud? Lessons...
Use of custom malware remains relatively rare in pre-ransomware activity.
Keeping it simple for the developers can lead to very complex headaches later PWNED Welcome back to PWNED, the column where we celebrate the people who’ve taught us how not to secure a server. If...
The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency and an all-time high average severity of...
During a March 2026 incident response engagement, Rapid7 recovered two Kyber ransomware payloads deployed in the same environment, one targeting VMware ESXi infrastructure and the other Windows...
A private club failed to take all practicable steps to protect the personal data of its members following a ransomware-related data breach that affected more than 9,000 people, the Privacy...
Mile Bluff Medical Center in Mauston is currently experiencing system disruptions related to a security event involving data encryption. Upon detection, Mile Bluff immediately activated its...
Microsoft confirmed that a recent Microsoft Edge browser update introduced a bug that prevents Windows users from joining Teams meetings. [...]
ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions