A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. [...]

Tal Be’ery knew that I was online the night before I called him. He knew what kind of device I was using. I didn’t share this information with him. All he had was my phone number. I had no way to...

Plus: Court papers reveal nonprofit paid a ransom worth nearly $26.8 million The third of three former ransomware negotiators accused of assisting the ALPHV/BlackCat ransomware gang in extorting...

A Chinese national was arrested at New York’s John F. Kennedy International Airport after federal authorities say he photographed sensitive military aircraft near Offutt Air Force Base in Nebraska...

For almost three decades now, threat actors have used remote access trojans (RATs) to monitor user activity and steal sensitive information and credentials. The RAT’s surreptitious nature has...

China will hit EU firms with reciprocal measures if the bloc targets Chinese firms as planned under its proposed cybersecurity regulations, Beijing has warned. In a 30-page document submitted to...

The 75th anniversary of the Korean Workers Party in October 2020 was not the festive affair that North Korean leader Kim Jong Un wanted it to be. Despite the fireworks, military flyover and...

The National Security Agency is using Anthropic’s most powerful model yet, Mythos Preview, despite top officials at the Department of Defense — which oversees the NSA — insisting the company is a...

President Trump said Monday he’ll use a Cold War-era national security law to try and bolster domestic production of motor fuels and electricity. His use of the Defense Production Act comes amid...

The Transportation Security Administration has quietly been pitching airports and industry on a privatization program that would represent a significant overhaul in how TSA’s private security...

The House Appropriations Financial Services and General Government (FSGG) Subcommittee advanced its fiscal year (FY) 2027 appropriations bill on Friday, including $5 million for the Technology...

A Coast Guard rule imposing standards on operational technology systems in ports and larger U.S.-flagged commercial vessels is poised to supercharge the maritime cybersecurity market – a boon...

Ukraine’s sinking of much of Russia’s Black Sea Fleet is “case alpha” in finding new ways to use robots across land, sea, and air, the U.S. Navy’s assessment chief said Monday. But the United...

Combat video from MQ-9 Reaper remotely piloted aircraft (RPA) striking targets in Iran may have surprised those who thought the iconic unmanned aircraft were destined for retirement now that the...

AI agents are writing more and more code. Ensure it's secure. Learn how Wiz Code plugins and the Green Agent bring machine-speed remediation to your AI-IDE.

After a federal watchdog found a staff of two overseers insufficient to vet 27,000 research awards for ties to adversaries, namely China, the Pentagon says computers will now screen...

In this episode of Talos Takes, Amy and Martin Lee unpack state-sponsored and phishing trends from the 2025 Talos Year in Review.

CEO suspects silicon sidekick behind 'surprising velocity' breach - cyber crims shop stolen data for $2M Vercel's CEO reckons the crooks behind its recent breach likely had a helping hand from AI,...

In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted...

See your full Apigee architecture on the Wiz Security Graph, from API gateways and environments to every endpoint and its authorization scheme.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting...

Mexican IT services firm admits it was hacked, but says client operations weren't affected A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted...

Grupo Seguritech is a Mexican surveillance company that is expanding into the US.

No facial recognition privacy intrusions either! Well, maybe a little London's Metropolitan Police is trialing new retail technology to help curtail the city's pervasive shoplifting problem… and...

New data from Dataminr identified that ransomware group Vect operationalized a formal partnership with BreachForums cybercrime marketplace and... The post Vect formalizes BreachForums and TeamPCP...

Researchers from Darktrace detailed a malware strain dubbed ZionSiphon, highlighting a piece of OT (operational technology)-focused malware designed... The post Darktrace identifies ZionSiphon...

The U.S. CISA (Cybersecurity and Infrastructure Security Agency) issued an alert warning of a supply chain compromise affecting... The post CISA warns organizations of supply chain compromise in...

Fraud prevention and user experience don't have to be a tradeoff. IPQS shows how combining identity, device, and network signals stops fraud without adding friction. [...]

Cisco Talos documents several macOS living-off-the-land (LOTL) techniques, demonstrating that native pathways for movement and execution remain accessible to those who understand the underlying...

And why automation may be the only way to keep up