Threat actors are spreading malicious extensions via VS marketplaces Report from Wiz also says developers are uploading extensions that include access tokens and other secrets. 
By Howard Solomon Oct 20, 2025 9 mins Cybercrime Development Tools Malware Foreign hackers breached a US nuclear weapons plant via SharePoint flaws A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through vulnerabilities in Microsoft’s SharePoint browser-based app, raising questions about the need to solidify further fede By Cynthia Brumfield Oct 20, 2025 8 mins Cyberattacks Data Breach Government IT Government considered destroying its data hub after decade-long intrusion Attack highlights the constant threat from state-sponsored cyber attacks on governments and businesses. By Maxwell Cooter Oct 17, 2025 4 mins Cyberattacks Cybercrime Data and Information Security North Korean threat actors turn blockchains into malware delivery servers ‘EtherHiding’: Nation-state and cybercriminal groups are leveraging smart contracts as command-and-control servers for delivering malicious payloads hidden on blockchains. By Lucian Constantin Oct 17, 2025 5 mins Advanced Persistent Threats Cyberattacks Malware Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and deployment. By Gyana Swain Oct 17, 2025 5 mins Security Vulnerabilities ‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads Researchers warn of fileless payloads, memory hooks, and a UDP-based C2 controller that complicate detection and remediation. By Shweta Sharma Oct 17, 2025 3 mins Security Vulnerabilities Source code and vulnerability info stolen from F5 Networks IT and security leaders should install latest patches from the application delivery and security vendor after suspected nation-state hack. 
By Howard Solomon Oct 15, 2025 7 mins Network Security Security Vulnerabilities Flax Typhoon exploited ArcGIS to gain long-term access Flax Typhoon turned the trusted ESRI mapping tool into a web shell, gaining persistent access. By Nidhi Singal Oct 15, 2025 7 mins Advanced Persistent Threats Security TigerJack’s malicious VSCode extensions mine, steal, and stay hidden The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. By Shweta Sharma Oct 15, 2025 4 mins Malware Security October 2025 Patch Tuesday: Holes in Windows Server Update Service and an ancient modem driver Admins are urged to immediately patch actively exploited vulnerabilities, including those in the legacy Agere modem driver in Windows. By Howard Solomon Oct 14, 2025 9 mins Security Software Threat and Vulnerability Management Vulnerabilities Scattered Lapsus$ Hunters extortion site goes dark: What’s next? Group leaks data stolen from small subset of the 39 companies it threatened last week. By John E. Dunn Oct 14, 2025 4 mins Cybercrime Malware Ransomware SonicWall VPNs face a breach of their own after the September cloud-backup fallout A fresh wave of credential-driven campaigns has impacted over 100 SSLVPN accounts across more than a dozen organizations. By Shweta Sharma Oct 14, 2025 3 mins Data Breach Security Oracle issues second emergency patch for E-Business Suite in two weeks Information disclosure flaw, CVE-2025-61884, emerges weeks after zero-day attacks, raising questions about broader security issues in Oracle’s flagship ERP platform. By Gyana Swain Oct 14, 2025 5 mins Security Vulnerabilities EU to sign UN Convention on Cybercrime This international treaty establishes common standards at the global level to improve cooperation on cybercrime and the exchange of evidence in electronic format to help in criminal investigation or prosecution. 
By Víctor Manuel Fernández Oct 14, 2025 3 mins Cybercrime Hacking Security Gladinet file sharing zero-day brings patched flaw back from the dead Criminals are targeting a new vulnerability that makes mitigation urgent, says managed SOC company. By John E. Dunn Oct 13, 2025 4 mins Zero-Day Vulnerabilities Aisuru’s 30 Tbps botnet traffic crashes through major US ISPs The Mirai-born botnet Aisuru targeted networks powering online gaming giants and sending 29.6 Tbps of DDoS traffic through infected routers. By Shweta Sharma Oct 13, 2025 4 mins DDoS Security Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors Apple takes aim at sophisticated mercenary spyware attacks with revamp of its bug bounty program. By Lucian Constantin Oct 10, 2025 7 mins Mobile Security Technology Industry Threat and Vulnerability Management FBI seizes BreachForums servers as threatened Salesforce data release deadline approaches Domain seized for a third time as police attempt to crack down on the group claiming major SaaS hack. By John E. Dunn Oct 10, 2025 5 mins Cloud Security Ransomware Security SonicWall data breach affects all cloud backup customers In mid-September, SonicWall reported a security incident in its cloud backup service. It’s now clear that all customers are affected. By Julia Mutzbauer Oct 10, 2025 2 mins Data Breach Open-source DFIR Velociraptor was abused in expanding ransomware efforts China-based threat actors abused outdated Velociraptor to maintain persistence and help deploy Warlock, LockBit, and Babuk ransomware. By Shweta Sharma Oct 10, 2025 4 mins Ransomware Security LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions The alliance aims to coordinate attacks and share resources as law enforcement pressure mounts. 
By Gyana Swain Oct 9, 2025 5 mins Ransomware Security ClayRat spyware turns phones into distribution hubs via SMS and Telegram The fast-evolving Android RAT spreads by impersonating popular apps and exploiting contact trust to propagate malicious links across victims’ networks. By Shweta Sharma Oct 9, 2025 4 mins Phishing Security Homeland Security’s reassignment of CISA staff leaves US networks exposed As the DHS moves some CISA staff to immigration and border roles, experts warn of slower threat detection, delayed advisories, and rising risks for both federal and enterprise systems. By Nidhi Singal Oct 9, 2025 4 mins Government IT Security GitHub Copilot prompt injection flaw leaked sensitive data from private repos Hidden comments in pull requests analyzed by Copilot Chat leaked AWS keys from users’ private repositories, demonstrating yet another way prompt injection attacks can unfold. By Lucian Constantin Oct 8, 2025 5 mins Application Security Artificial Intelligence DevSecOps Unplug Gemini from email and calendars, says cybersecurity firm The warning comes after the discovery that some AI agents, including Gemini, are vulnerable to ASCII Smuggling attacks. By Howard Solomon Oct 8, 2025 6 mins Artificial Intelligence Network Security Security Computer mice can eavesdrop on private conversations, researchers discover ‘Mic-E-Mouse’ proof-of-concept attack extracted voice data picked up by mouse sensors. By John E. Dunn Oct 8, 2025 4 mins Security Open-source monitor turns into an off-the-shelf attack beacon Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia. By Shweta Sharma Oct 8, 2025 4 mins Cyberattacks Security Salesforce AI agents set to assist enterprises with security and compliance Salesforce has been adding new features and capabilities since the launch of its AI agent platform a year ago at a furious pace. 
Today, Salesforce added two new agents, one to handle security issues and an agent that handles privacy and compliance. By Maria Korolov Oct 8, 2025 5 mins Artificial Intelligence Compliance Security 10.0-severity RCE flaw puts 60,000 Redis instances at risk The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary code on the underlying server. By Lucian Constantin Oct 7, 2025 3 mins Threat and Vulnerability Management Vulnerabilities Google DeepMind launches an AI agent to fix code vulnerabilities automatically CodeMender aims to help developers keep pace with AI-powered vulnerability discovery by automatically patching security flaws. By Gyana Swain Oct 7, 2025 4 mins Engineer Generative AI Security Phishers turn 1Password’s Watchtower into a blind spot A convincing fake breach alert nearly tricked a Malwarebytes employee into giving away their 1Password credentials. By Shweta Sharma Oct 7, 2025 3 mins Phishing Security Oracle issues emergency patch for zero-day flaw exploited by Cl0p ransomware gang Information about the vulnerability exposed by EBS portals is spreading, raising likelihood of new attacks, experts warn. By John E. Dunn Oct 6, 2025 5 mins Security Vulnerabilities Zero-Day Vulnerabilities Gemini Trifecta: AI autonomy without guardrails opens new attack surface Three vulnerabilities in Google’s Gemini AI tools exposed risks in Cloud Assist, Search, and Browsing — allowing prompt injection, logic manipulation, and stealth data leaks before being patched. By Shweta Sharma Oct 6, 2025 4 mins Generative AI Security Vulnerabilities Extortion gang opens data leak site to squeeze victims of its Salesforce attacks Scattered Lapsus$ Hunters is also vowing to assist with customer lawsuits against Salesforce. 
By Howard Solomon Oct 3, 2025 9 mins Cybercrime Ransomware Newly-discovered threat group hijacking IIS servers for SEO fraud, warns Cisco Talos Campaign by UAT-8099 began targeting weakly-secured web servers across several countries in April. By John E. Dunn Oct 3, 2025 4 mins Cyberattacks Network Security Security Oracle E-Business Suite users targeted in extortion campaign Cl0p-linked threat actors are targeting Oracle E-Business Suite users with spear-phishing emails claiming theft of sensitive ERP data. By Taryn Plumb Oct 2, 2025 7 mins Application Security Ransomware Security Red Hat OpenShift AI weakness allows full cluster compromise, warns advisory There’s no evidence of exploitation but sysadmins will want to check their environments. By John E. Dunn Oct 2, 2025 3 mins Cloud Security Vulnerabilities That innocent PDF is now a Trojan Horse for Gmail attacks A new technique uses PDFs to bypass filters and fetch malicious payloads. By Taryn Plumb Oct 1, 2025 6 mins Malware Network Security Security Chinese APT group Phantom Taurus targets gov and telecom organizations Researchers have attributed separate clusters of previously tracked malicious activity to a single group that has elevated its tactics this year, adding previously undocumented Microsoft IIS backdoors to its arsenal. By Lucian Constantin Oct 1, 2025 4 mins Advanced Persistent Threats Cyberattacks Microsoft plots new path for Sentinel, adding agentic AI features The cloud SIEM is gaining long-term data lake log storage, AI graph visualization, support for MCP, and a way to interact with custom agents built in Security Copilot, but it’s unclear yet whether agentic AI will help or hinder CISOs. By John E. 
Dunn Oct 1, 2025 5 mins Artificial Intelligence Security Software Government shutdown deepens US cyber risk, exposing networks to threat actors As Trump’s cyber spending cuts and CISA firings weaken defenses, the latest government shutdown leaves federal networks even more exposed to nation-state and criminal hackers looking to exploit thinned defenses. By Cynthia Brumfield Oct 1, 2025 6 mins Government Government IT Security CISA 2015 cyber threat info-sharing law lapses amid government shutdown The expiration of a landmark cybersecurity law strips liability protections for cyber threat information sharing, leaving US cyber defenses weaker until lawmakers act. By Cynthia Brumfield Oct 1, 2025 7 mins Government Government IT Security Don’t drink or drive, say cyberattackers Beer, cars and cyber risk: Jaguar Land Rover and Japanese brewer Asahi are reeling from cyberattacks as threat actors aim for widespread disruption. By Taryn Plumb Sep 30, 2025 7 mins Cyberattacks Phishing Security Threat actors could retrieve valid usernames from VMware by exploiting vulnerabilities Holes in NSX and vCenter could be leveraged to gain network access, advisory cautions. By Howard Solomon Sep 30, 2025 5 mins Network Security Security Vulnerabilities Databricks enters the cybersecurity arena with an AI-driven platform The lakehouse provider aims to unify security data and respond to AI threats faster without replacing existing tools. By Shweta Sharma Sep 30, 2025 3 mins Artificial Intelligence Security Security Software Chinese hackers breached critical infrastructure globally using enterprise network gear RedNovember group exploited VPN appliances and firewalls to hit defense contractors, government agencies, and manufacturers in a year-long espionage campaign. 
By Gyana Swain Sep 29, 2025 5 mins Cyberattacks Security XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics The multi-stage attack uses encrypted shellcode, steganography, and reflective DLL loads to deploy XWorm without leaving obvious files. By Shweta Sharma Sep 29, 2025 3 mins Malware Network Security Security Meet LockBit 5.0: Faster ESXi drive encryption, better at evading detection Researchers call it an evolution from earlier versions and not a leap forward, but still advise CSOs to better secure ESXi hosts. By Howard Solomon Sep 26, 2025 6 mins Cybercrime Ransomware Trust in MCP takes first in-the-wild hit via squatted Postmark connector A malicious npm package disguised as Postmark’s MCP connector quietly siphoned thousands of emails. By Shweta Sharma Sep 26, 2025 4 mins Artificial Intelligence Cyberattacks Security Okta introduces Identity Security Fabric to secure AI agents The platform’s lifecycle management, cross-app access, and verifiable credentials aim to reduce attack surfaces and ensure compliance as AI agents gain elevated access across enterprise systems. 
By Gyana Swain Sep 26, 2025 4 mins Identity Management Solutions Security Security Software