wolfSSL security advisory (AV26-344)
Dell security advisory (AV26-343)
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks' Wendi...
The cybersecurity industry is obsessing over Anthropic’s new model, Claude Mythos Preview, and its effects on cybersecurity. Anthropic said that it is not releasing it to the general public...
Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data on its data leak site. [...]
More than 70 organizations, including the ACLU, EPIC, and Fight for the Future, say the AI smart glasses feature would endanger abuse victims, immigrants, and LGBTQ+ people.
A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm or its size when checking Elliptic Curve Digital Signature Algorithm...
The FBI Atlanta Field Office and Indonesian authorities have dismantled the "W3LL" global phishing platform, seizing infrastructure and arresting the alleged developer in what is described as the...
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and...
Red Hat security advisory (AV26-341)
IBM security advisory (AV26-342)
Adobe Acrobat security advisory (AV26-340)
Travel giant says names, contact details, dates, and hotel messages potentially exposed Booking.com is warning customers that their reservation details may have been exposed to unknown attackers,...
[Control systems] CISA ICS security advisories (AV26–339)
Ubuntu security advisory (AV26-338)
One of the fastest growing initial access techniques we are seeing right now is Okta vishing: voice-based social engineering designed to compromise the identity provider rather than the inbox.
OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack. [...]
The Federal Aviation Administration and Pentagon said on Friday they had signed an agreement allowing the government’s use of a high-energy laser counter-drone system along the southern U.S....
Booking.com has confirmed via a statement to BleepingComputer that it has detected unauthorized access to its systems that has exposed sensitive reservation and user data. [...]
Homeland Security Secretary Markwayne Mullin is recalling all furloughed Department of Homeland Security staff to report to their next scheduled shift, despite the ongoing partial government...
Just three ransomware groups were responsible for almost half of all ransomware attacks during the last month, analysis of reported incidents has revealed. According to cybersecurity analysts at...
New developments are unfolding in Tallahassee this week following last year’s deadly mass shooting at Florida State University. The FSU community is coming up on one year since a gunman tore...
For the latest discoveries in cyber research for the week of 13th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Los Angeles Police Department has reported a...
A man was arrested for allegedly throwing a Molotov cocktail at OpenAI CEO Sam Altman’s home and then threatening to burn down the artificial intelligence company’s San Francisco headquarters on...
Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from tens of thousands – if not more – organizations. We won’t know the full blast...
U.S. security agencies are concerned that state-backed hackers or criminal enterprises may be eyeing this summer’s FIFA World Cup. Whether for notoriety or to protest U.S. foreign policy, these...
The U.S. military was poised to begin a blockade of all Iranian ports and coastal areas on Monday, as President Donald Trump sought to ratchet up pressure on Iran in a move that risks driving oil...
A new action plan for the Internet of Things (IoT) increases the possibility that Chinese-built connected infrastructure in the United States could become a platform for data access, cyber...
As AI grows more capable of identifying software vulnerabilities, experts are increasingly warning of a potential disaster scenario: the so-called “Vulnpocalypse.” Hackers could quickly...
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised....