Researchers from Darktrace detailed a malware strain dubbed ZionSiphon, highlighting a piece of OT (operational technology)-focused malware designed...
The U.S. CISA (Cybersecurity and Infrastructure Security Agency) issued an alert warning of a supply chain compromise affecting...
Fraud prevention and user experience don't have to be a tradeoff. IPQS shows how combining identity, device, and network signals stops fraud without adding friction.
Cisco Talos documents several macOS living-off-the-land (LOTL) techniques, demonstrating that native pathways for movement and execution remain accessible to those who understand the underlying...
And why automation may be the only way to keep up
There’s a lot of love all over the world for GrapheneOS, the gold standard of mobile security. There’s very little love between the two guys at the center of its history.
Ofcom, the United Kingdom's independent communications regulator, has launched an investigation into Telegram based on evidence suggesting it's being used to share child sexual abuse material (CSAM).
ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI
CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploited in attacks.
Fake emails already doing the rounds as ransomware crew boasts about what it allegedly stole. UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an...
Admins are tired of taking photos, so this enables secure on-site unattended enrolment. Japanese industrial giant Panasonic has created a new form of QR code it says will only work on designated...
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability.
And China is loving it. Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining out on the allegations.…
41-year-old Angelo Martino, a former employee of cybersecurity incident response company DigitalMint, has pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile payments processing tool.
Agentic AI adoption is accelerating rapidly as enterprise software and applications increasingly incorporate task-specific AI agents, enabling autonomous execution of complex tasks at machine speed.
A lesson in how not to respond to vulnerability reports. Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other...
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as...
Google’s highest security setting for its agents runs command operations through a sandbox and throttles network access, but is still vulnerable to prompt injection.
The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.
Installation and pre-approval without consent looks dubious under EU law. One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic's Claude...
Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware....
Machine-speed threats demand machine-speed defense—see how AI and automation cut dwell time and outpace attackers.
State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday.
Progress security advisory (AV26-371)
Compromised Context.ai OAuth tokens enabled attackers to perform a supply chain attack via trusted SaaS integrations. Learn how to assess the risk in your environment and how to prevent the next attack.
A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phrases and drain them of cryptocurrency...
Tyler Buchanan admits role in scheme that stole at least $8 million in virtual currency. A Scottish man linked to the Scattered Spider cybercrime crew has pleaded guilty in the US to a phishing and...
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning...
Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code execution and have a cascading...