Links
This article discusses the enduring success of ServiceNow in the enterprise software space, emphasizing its outdated UI and the importance of systems of record. It also touches on current challenges for startups post-product-market fit and the shifting landscape of venture capital with significant declines in secondary market valuations.
The article examines a BGP route leak involving Venezuela's state ISP, CANTV (AS8048), which redistributed routes improperly on January 2. This incident highlights potential issues with CANTV's routing policies rather than malicious intent, as similar leaks have occurred frequently in recent months.
Researchers reveal how service providers fuel the pig butchering scams, enabling criminal networks to launch operations with minimal effort. These services supply tools for social engineering, money laundering, and managing victims, creating a scalable online fraud economy.
Gainsight's CEO downplayed the effects of a recent attack that compromised some Salesforce customer tokens, claiming only a few clients were directly affected. Ongoing investigations by Gainsight and Mandiant are trying to determine the full scope of the breach and its impact on other third-party applications. Discrepancies in reported victim numbers highlight the confusion surrounding the incident.
Google found a new malware called PROMPTFLUX that uses Visual Basic Script to modify itself by interacting with its Gemini AI model. This malware seeks to evade detection by generating obfuscated code and is still in the development phase, lacking the ability to compromise networks. Security experts debate its effectiveness and significance.
A new malware called GlassWorm has been discovered targeting macOS systems through compromised OpenVSX extensions. The attack, which involved pushing malicious updates to four extensions, aims to steal passwords, crypto-wallet data, and developer credentials. Users who downloaded the affected extensions should clean their systems and change their passwords.
Canon confirmed its U.S. subsidiary was targeted in the Oracle E-Business Suite hacking campaign. The incident affected only a web server, and no Canon data has been leaked so far. Other companies, including Cox Enterprises and Mazda, also reported impacts from the same campaign.
ShinyHunters claimed to have breached cybersecurity firm Resecurity and accessed sensitive data, but Resecurity stated that the hackers interacted with a honeypot designed to log unauthorized activity. The firm provided evidence showing the attack was a controlled trap, asserting no real data was compromised.
Poland faced a significant cyberattack where hackers accessed sensitive personal information from a loan platform, including national ID numbers and bank account details. Authorities are investigating the breach, urging affected users to change passwords and secure their data through a new government website.
LG Uplus has reported a suspected data breach to South Korea's KISA, following a pattern of cybersecurity issues among the country's major telecom operators. Investigations are ongoing, and recent reports suggest that hackers may have accessed data from thousands of servers. The situation highlights ongoing vulnerabilities in South Korea's cybersecurity framework.
Sax, a major US accounting firm, reported a data breach affecting about 220,000 individuals. The breach went undetected for over a year, raising concerns about the firm's cybersecurity measures and the potential exposure of sensitive personal and financial information.
This article discusses the security risks associated with AI adoption, particularly focusing on large language models (LLMs). It outlines the need for robust security measures and provides insights into how organizations can address these challenges effectively.
SonicWall reported a breach where attackers stole firewall configuration files from its cloud backup service, attributed to an unnamed nation-state actor. While the company claims there was no impact on its products or customer data, it remains unclear how the attackers exploited an API to conduct the breach.
Yaklang is a domain-specific programming language designed for cybersecurity tasks. It includes a dedicated virtual machine and tools for vulnerability analysis, security product development, and general-purpose programming. Its modular architecture allows users to create and automate security workflows efficiently.
Central Maine Healthcare reported a data breach affecting over 145,000 patients, compromising personal, treatment, and health insurance information. The breach was discovered on June 1, 2025, but the intrusion lasted several months. The organization has since notified affected individuals and offered credit monitoring services.
Austad, one of the hackers involved in the DraftKings breach, has pleaded guilty to conspiracy for computer intrusion and faces up to five years in prison. The attack likely compromised around 68,000 user accounts through credential stuffing, exploiting reused usernames and passwords. Two other co-conspirators have also pleaded guilty and received sentences.
Ivanti disclosed two critical vulnerabilities affecting its Endpoint Manager Mobile, which have already compromised several major organizations, including the Netherlands’ government and the European Commission. Researchers warn that attacks are spreading, with nearly 1,300 instances still exposed online. The vulnerabilities allow attackers to execute code remotely, raising concerns over ongoing exploitation.
Lumma Stealer, a malware that once infected 395,000 Windows computers, has reemerged after law enforcement disrupted its operations. Using deceptive tactics like fake CAPTCHAs, it tricks users into installing the malware themselves. The infrastructure has quickly rebuilt, posing a renewed threat worldwide.
OpenAI warns that its upcoming AI models may pose a "high" cybersecurity risk due to their enhanced capabilities. The company reports that these models could enable more people to execute cyberattacks, especially with their ability to operate autonomously for longer periods. OpenAI is increasing its efforts to address these threats through collaboration and new tools.
A data breach has exposed sensitive information from about 17.5 million Instagram accounts, including usernames, email addresses, phone numbers, and physical addresses. This information is being traded on the dark web, raising risks for identity theft and phishing attacks. Users are advised to enable two-factor authentication and change their passwords.
This article discusses how complexity in security environments hampers effective detection and response, with the network serving as a crucial source of visibility. It emphasizes the importance of investigation over mere detection and highlights continuous packet capture as a key tool for improving response times and collaboration between security teams.
This repository offers a structured 90-day study plan for learning cybersecurity, suitable for beginners and professionals alike. It includes daily modules covering key topics like networking, security principles, and ethical hacking, along with hands-on tasks and resources. Users can track their progress and build essential skills for certifications.
Cato Networks revealed HashJack, a vulnerability that uses the URL fragment to hide malicious commands for AI browser assistants. This allows attackers to manipulate AI behavior without compromising the actual website, leading to risks like credential theft and unauthorized data access.
The DedSec Project offers over 63 free tools for cybersecurity education, focusing on network security and ethical hacking. It guides users through installation and configuration on Android devices using Termux. The toolkit includes various tools for testing, analysis, and training in cybersecurity.
This article examines the growing burnout among Chief Information Security Officers (CISOs) due to increasing pressures from cyber threats, regulatory demands, and unrealistic expectations. It highlights the consequences of this burnout, including operational risks and talent loss, and suggests strategies for organizations to support their security leaders better.
Anthropic CEO Dario Amodei has been called to testify before the House Homeland Security Committee on December 17 regarding a Chinese cyber-espionage campaign involving AI. This marks the first congressional appearance by an Anthropic executive related to this AI-driven attack. Lawmakers are seeking insights on the implications of AI in cybersecurity.
This report highlights the increasing cyber threats targeting small and medium businesses (SMBs), with a focus on credential abuse and ransomware. It details the rise of business email compromise and ransomware-as-a-service, emphasizing the need for stronger security measures like passwordless authentication.
Threat actors are exploiting exposed MongoDB servers, demanding ransoms around $500 in Bitcoin to restore compromised data. A recent study found over 208,500 public MongoDB instances, with many already wiped and ransom notes left behind. Security experts recommend stronger authentication and regular updates to prevent these attacks.
This article investigates a Russian phishing campaign that uses a fake payment confirmation email to deploy the Phantom stealer malware. It details the multi-stage infection process, including the malicious ISO and executable files involved, and highlights the types of data targeted, such as credentials and cryptocurrency information.
Sedgwick has confirmed a ransomware attack that compromised a file transfer system at its subsidiary, Sedgwick Government Solutions, which serves various U.S. government agencies. The company stated that the attack was contained and did not affect its broader network or data.
Hackers accessed the Pierce County Library System's network in April 2025, compromising personal information of over 340,000 patrons, employees, and their family members. The stolen data includes names, Social Security numbers, and financial details. Affected individuals will receive free credit monitoring for a year.
Two U.S. cybersecurity professionals, Ryan Goldberg and Kevin Martin, admitted to their involvement in BlackCat ransomware attacks that extorted over $1.2 million from various companies in 2023. Despite their expertise in cybersecurity, they used their skills to conduct ransomware attacks, leading to federal charges that could result in lengthy prison sentences.
SO-CON 2026 focuses on identity security and attack path management, running April 13-14, 2026, with additional training sessions on April 15-18. Attendees will learn about adversary tactics through talks and hands-on courses led by industry experts.
A cybersecurity firm found over 2,000 fake online stores set up to scam shoppers during major sales events like Black Friday and Cyber Monday. These sites mimic legitimate brands and use tactics like fake countdown timers to trick customers into giving away personal and financial information. Shoppers should be cautious of deals that seem too good to be true and verify offers on official brand websites.
Spektrum integrates with your existing cybersecurity tools to continuously validate that your safeguards are operational and compliant. It provides real-time cryptographic proof of performance, helping you streamline audits, insurance claims, and board reporting.
A ransomware attack on Conduent has compromised the personal information of at least 15.4 million people in Texas and another 10.5 million in Oregon, significantly more than initially reported. The stolen data includes names, Social Security numbers, and medical information. Conduent is still notifying affected individuals and has faced criticism for its lack of transparency.
This article examines the traits that make ransomware groups effective, highlighting the role of automation, customization, and advanced tools. It discusses how these elements contribute to their financial success and ability to bypass defenses, ultimately shaping security strategies for enterprises.
NordVPN investigated claims of a data breach after a hacker leaked information on a cybercrime forum. The company found no evidence of a breach in its systems and stated that the leaked data came from a third-party testing environment, not its internal infrastructure.
This article offers practical tips for achieving cybersecurity goals in 2026, emphasizing the importance of creating a structured plan rather than just stating a goal. It discusses tracking progress, overcoming procrastination, and the value of accountability and breaks.
Delta Dental of Virginia has reported a data breach affecting approximately 146,000 individuals. Stolen information includes names, Social Security numbers, and health data, accessed through a compromised email account between March and April 2025. The company is offering a year of free identity protection services to those impacted.
Google has introduced new AI detection tools and ransomware defenses for its Workspace for Education platform. These updates aim to help K-12 schools combat rising cyber threats, though concerns remain about the platform's compliance and oversight capabilities.
Eric Moret recounts a near miss with a sophisticated phishing attempt that exploited Apple’s support system. He details how scammers manipulated legitimate security protocols to gain access to his account, highlighting the psychological tactics used to deceive him.
Blumira offers a cloud-based SIEM platform designed for IT teams, enabling fast deployment and easy management of security operations. It features unlimited data ingestion at a flat rate, automated threat response, and AI-driven analysis to enhance detection and response times. The platform also simplifies compliance reporting by mapping detections to major frameworks.
A group of bipartisan senators is reviving the Health Care Cybersecurity and Resiliency Act to enhance regulations and support for cybersecurity in health care. The bill aims to improve federal coordination, update HIPAA, and provide grants to health care entities, addressing vulnerabilities exacerbated by recent cyberattacks.
This article outlines key tech trends and challenges for 2026, based on insights from various investment teams. Topics include managing unstructured data, AI's role in cybersecurity, and the evolution of infrastructure to support agent-driven workloads.
Microsoft revealed a new side-channel attack called Whisper Leak that enables attackers to infer conversation topics from encrypted traffic between users and language models. The attack works despite HTTPS encryption and can identify sensitive subjects, raising serious privacy concerns. Various AI models have shown vulnerability, prompting some companies to implement countermeasures.
Portugal's revised cybercrime law creates a legal safe harbor for security researchers acting in good faith. Researchers can now engage in certain hacking activities without fear of prosecution, provided they meet specific conditions, such as reporting vulnerabilities promptly and not seeking financial gain.
The FCC has rolled back cybersecurity requirements for telecom providers, which were established after the Salt Typhoon cyberattacks exposed critical vulnerabilities. This decision has drawn sharp criticism from security experts and lawmakers, who warn it undermines national security.
This GitHub repository offers over 65 tools and resources tailored for blue teaming activities, including network discovery, vulnerability management, and incident response. It also features tips for malware detection and analysis, alongside specific tools for various cybersecurity tasks.
This article outlines various master's degree programs offered by Georgetown University, including fields like higher education, human resources, project management, and cybersecurity. Each program lists the required credits and time to complete, ranging from 30 to 42 credits over 2 to 5 years.
The article discusses how the anime "Ghost in the Shell" anticipated modern cybersecurity threats, featuring a rogue government-backed hacker called the Puppet Master. It explores parallels between the show's plot and real-world hacking tactics, including cyber espionage and tech-enabled abuse.
Google and its partners have disrupted the IPIDEA proxy network, believed to be one of the largest residential proxy networks. The operation involved legal actions, sharing of technical intelligence, and enhanced security measures to protect users and limit the network's capabilities. This network has been linked to various malicious activities, including botnets and cyber espionage.
The article discusses a serious remote code execution vulnerability in OpenCode, an open-source AI coding agent. It highlights how this flaw allows attackers to execute arbitrary commands and potentially compromise systems, emphasizing the need for better security measures and telemetry in AI applications.
The Canadian Centre for Cyber Security reports that hacktivists have breached critical infrastructure systems, affecting water, oil, and agricultural facilities. These attacks have caused disruptions and raised safety concerns, prompting authorities to recommend stronger security measures for internet-exposed industrial control systems.
Security researchers uncovered a North Korean operation that lures engineers into renting their identities for fraudulent activities. The group uses tactics like deep fakes and deception to secure jobs at major companies while the compromised engineers take on the risks. The operation exploits both legitimate and fake identities to carry out espionage and revenue generation.
This article offers a free trial of Huntress' Managed Identity Threat Detection & Response (ITDR) for Microsoft 365. It highlights how the service protects against identity-focused cyber threats, providing 24/7 monitoring and expert analysis to prevent unauthorized access.
In 2025, an AI system identified four previously unknown security issues in OpenSSL, three of which were disclosed and fixed by the system. The findings highlight the potential of AI in proactively discovering vulnerabilities in critical infrastructure.
This article outlines the Purple Team Maturity Model, which guides security teams from disorganized chaos to structured collaboration between Red (offensive) and Blue (defensive) teams. It describes five levels of maturity, detailing how organizations can enhance their threat detection and incident response capabilities.
CISA will ramp up hiring in 2026 to recover from staffing losses under the Trump administration and address national security threats, particularly from China. The agency aims to fill key vacancies and improve its workforce strategy, including hiring state cybersecurity coordinators and enhancing partnerships with educational institutions.
DXS International, a tech provider for NHS England, reported a cyberattack that compromised its office servers. A ransomware group claimed responsibility, alleging they stole 300 gigabytes of data, though the extent of the breach and any impact on patient information remains unclear.
North Korean hackers are using spear phishing emails that mimic human rights organizations and financial institutions to distribute malware. This campaign, called "Operation Poseidon," is linked to the Konni hacking group and aims to exploit vulnerabilities in email security through deceptive links. Cybersecurity experts warn that these sophisticated tactics make such attacks difficult to defend against.
Hackers accessed personal information of about 27,500 individuals from the University of Sydney's online code library. The stolen data includes names, addresses, and job details of current and former staff, as well as some alumni and students from 2010-2019. The university is investigating the breach and notifying those affected.
A fake VS Code extension called "ClawdBot Agent" was found to be a trojan that installs malware on Windows machines without user interaction. Although it appeared legitimate, it secretly connected to a remote server to deliver malicious payloads. The investigation reveals sophisticated tactics and multiple layers of redundancy in the attack.
This article lists recent funding rounds for various companies, detailing their names, descriptions, investment amounts, dates, and locations. It highlights businesses in biotech, cybersecurity, and satellite communications, among others.
The Kimwolf botnet has compromised over 2 million Android devices, primarily targeting streaming boxes to turn them into residential proxies. Recent reports detail its expansion and connection to a network of compromised routers, which allows threat actors to conduct DDoS attacks and sell proxy services. Cybersecurity firms have identified significant increases in bot activity and vulnerabilities in residential proxy networks.
Palo Alto Networks' Wendi Whitmore warns that AI agents will become major insider threats by 2026 due to their potential access to sensitive data and systems. While these agents can enhance cybersecurity operations, their misuse could lead to significant security breaches. Companies need to implement strict access controls to mitigate risks associated with these technologies.
This article outlines a collection of 60 hands-on cybersecurity projects, ranging from basic to advanced, complete with source code. It also includes structured career paths and resources for various cybersecurity roles, such as SOC Analyst and Pentester.
Resemble AI offers a platform for generating realistic voice outputs and detecting deepfakes, used by Fortune 500 companies and government agencies. Their tools include Chatterbox for voice cloning and DETECT-3B Omni for identifying manipulated media. The service emphasizes security, allowing for on-premises deployment to keep data private.
WormGPT 4 offers lifetime access for $220, enabling users to generate malware and phishing tools without needing advanced skills. While it simplifies certain cybercrime tasks, human intervention is still necessary to bypass security measures. Another model, KawaiiGPT, is even more accessible as it's free on GitHub.
Nicholas Moore, a 24-year-old from Springfield, Tennessee, is set to plead guilty to hacking the U.S. Supreme Court’s electronic filing system multiple times. Between August and October 2023, he accessed a protected computer without authorization on 25 different occasions. Details about the specific information he obtained remain unclear.
Kali Linux has launched version 2025.4, featuring three new hacking tools and updates to desktop environments like GNOME and KDE Plasma. Key highlights include improved support for Wayland and updates for Kali NetHunter, including a preview of Wifipumpkin3 for rogue access point attacks.
New Zealand's health minister has initiated a review of a cyberattack on ManageMyHealth, potentially exposing the data of over 100,000 patients. The company, which manages health records for nearly 1.85 million people, is working with cybersecurity experts to assess the breach and safeguard data. A hacker claiming responsibility has threatened to release stolen data unless a ransom is paid.
This article offers free cybersecurity training episodes to help you protect your online accounts during the holiday shopping season. It emphasizes the importance of strong passwords and awareness of phishing scams, providing tools like a Threat Simulator to make learning engaging.
Nissan has confirmed that a data breach at Red Hat led to the exposure of information for about 21,000 customers in Fukuoka, Japan. The leaked data includes names, addresses, phone numbers, and email addresses, but no financial information was compromised. This incident marks Nissan's second cybersecurity issue this year.
Anthropic tested ten AI models on 405 smart contract exploits and found that they could replicate over half of them, generating $4.6 million in simulated attacks. The study highlights the speed at which AI can identify vulnerabilities, raising concerns about security in decentralized finance.
This article covers recent advancements in technology, including new AI capabilities from IBM and Cisco, as well as updates on cloud revenue driven by generative AI. It also highlights trends in data governance and unified communications.
Some Notepad++ users are experiencing security incidents where the software may be involved in facilitating unauthorized access. The situation is still developing, and while only a few organizations have reported issues, users should monitor specific processes and network activity related to the application.
The article outlines four major pitfalls that security vendors often fall into when conducting research. It emphasizes the importance of credibility, context, and accuracy, warning against using fear tactics, repackaging old information as new, misinterpreting data correlations, and prioritizing marketing over genuine research.
This article outlines the rise of infostealers as a major threat to identity security, highlighting their role in ransomware and data breaches. It offers practical strategies for detecting and managing these attacks, emphasizing the importance of monitoring stolen identities and utilizing operational intelligence.
This article outlines the updates in MITRE ATT&CK v18, focusing on new Detection Strategies and Analytics that enhance the framework's usability for cyber defenders. It details improvements in coverage across various domains, including enterprise, mobile, and industrial control systems, as well as the introduction of the ATT&CK Advisory Council for community input.
ZeroPath has been chosen as a Top 10 Finalist for the RSAC 2026 Innovation Sandbox Contest. They will present their innovative solutions on March 23 in San Francisco. This recognition highlights their contributions to cybersecurity.
The US Treasury reported that ransomware payments reached over $4.5 billion from 2022 to 2024. The median payment increased from $124,097 in 2022 to $175,000 in 2023, with the financial services, manufacturing, and healthcare sectors being the most targeted. Akira ransomware group led in incidents, while ALPHV/BlackCat received the highest payments.
Fintech firm Marquis is seeking compensation from SonicWall after a breach at the firewall provider exposed critical data, enabling hackers to steal customer information during a ransomware attack. Marquis confirmed that it stored a backup of its firewall configuration in SonicWall's cloud, linking the two incidents. SonicWall has requested evidence to support Marquis' claims.
RedTiger is a new malware designed to steal data from Discord users, particularly targeting French gamers. It captures authentication tokens, payment information, and can even access webcams. The malware operates stealthily, evading detection and maintaining access even if passwords are changed.
German security experts warn that state-backed hackers are using social engineering tactics to infiltrate the Signal messaging app of military leaders and journalists. They trick victims into revealing security codes or scanning malicious QR codes, allowing the attackers to access private conversations without detection.
The Everest ransomware group claims to have stolen over 1TB of data from ASUS, including sensitive camera source code and internal tools. ASUS confirmed the breach originated from a third-party supplier, asserting that it does not affect customer products or user privacy.
This article explores how smart wearables, like rings and fitness trackers, help designers monitor productivity and optimize their workflows. It discusses the benefits of real-time data on focus, energy, and activity, while also addressing security concerns and best practices for using these devices.
The University of Phoenix reported a data breach affecting 3.5 million individuals, discovered in November 2025 after cybercriminals targeted its systems over the summer. Compromised data includes names, birth dates, Social Security numbers, and bank information, though no leaked data has surfaced publicly. Other universities were also affected by the same campaign.
A malware campaign is using fake guides for OpenAI's Atlas browser to lure macOS users into downloading an infostealer named AMOS. Victims are tricked into executing a malicious command that harvests sensitive data and installs a backdoor for remote access. Basic cybersecurity practices can help prevent these attacks.
Japanese companies, including Asahi Holdings and Askul, are struggling to recover from ransomware attacks that have caused significant operational disruptions. Many firms are experiencing prolonged recovery times, shipment delays, and potential data breaches, highlighting vulnerabilities in their cybersecurity defenses.
Australia’s spy chief, Mike Burgess, highlighted the growing risk of cyber-attacks from authoritarian regimes aimed at critical infrastructure. He emphasized that these threats are no longer hypothetical, with foreign teams actively exploring options for sabotage, especially as technology advances. Burgess urged organizations to take proactive measures to manage these foreseeable risks.
Madhu Gottumukkala, the acting head of CISA, uploaded sensitive government documents to ChatGPT, triggering security warnings. His use of the AI tool was initially restricted, and there are ongoing investigations into potential security risks from this incident. Previously, he failed a polygraph test and had staff suspended for accessing classified information.
"Wake Up" is a podcast from Veeam that shares real stories from cybersecurity incidents. It highlights the human experiences and challenges faced by CISOs during crises, urging organizations to build resilience and preparedness before attacks occur.
Five individuals, including four Americans and one Ukrainian, admitted to facilitating North Korea's revenue schemes by using stolen identities to help DPRK agents secure remote jobs with U.S. companies. Their actions impacted 136 firms and generated over $2.2 million for the North Korean regime. The DOJ is also pursuing the seizure of $15 million in cryptocurrency linked to these cyber crimes.
MITRE has launched ESTM 3.0, a security framework tailored for embedded systems. This updated tool enhances cyber threat modeling and integrates with existing security frameworks, aiming to foster community contributions for further development.
BreachForums, a hacking forum, has experienced a data breach with nearly 324,000 user accounts exposed. The leak includes usernames, registration dates, and some public IP addresses, raising concerns for users and law enforcement. The forum's administrator claims this data is not recent, originating from an earlier backup.
Gartner warns organizations against using AI browsers due to their security risks. The firm highlights issues like data exposure and the potential for automated actions to lead to costly mistakes, especially in sensitive tasks. They recommend thorough risk assessments and strict monitoring if any use is permitted.
OpenMalleableC2 is a library that replicates Cobalt Strike's Malleable C2 profile format for HTTP transformations. It allows security researchers and red teams to customize C2 communications in their tools, enhancing the ability to disguise callback data in HTTP requests. The project includes a basic example of a "ping pong" agent and server for demonstration.
Comhairle nan Eilean Siar is still recovering from a ransomware attack that occurred in November 2023. Two years later, key systems remain unrepaired, and audit reports highlight ongoing cybersecurity weaknesses and staffing challenges. The council's response was deemed effective, but significant work and improvements are still needed.
Mandiant has released rainbow tables that significantly simplify the process of cracking NTLMv1 passwords, allowing attackers to recover authentication keys in under 12 hours using consumer-grade hardware. The release transforms this previously theoretical vulnerability into a practical threat, requiring organizations to take immediate action to mitigate risks.