Flux RSS

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware

The list of countries exploiting internet-connected cameras to give them eye's inside their adversaries' borders continues to expand, with Russia, Iran, Israel, Ukraine, and the United States all using the tactic. What should companies look out for?

Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers' relative ignorance of OT systems.

‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration

The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”

Nation-state malware is being sold on the Dark Web and leaked to GitHub; and ordinary organizations might not stand much of a chance of defending themselves.

The agency put foreign-made consumer routers on its list of prohibited communications devices, but the ban could create more problems down the road.

Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study

Organizations repeatedly expose ports, reuse passwords, and skip patches, creating security gaps that attackers exploit for breaches. An industry veteran outlines ways to fix these common mistakes.

PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients

OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.

While US government sits out this year, EU officials are on the ground in San Francisco leading the conversations on today's top cybersecurity challenges.

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”

Attacks by artificial intelligence agents are a reality. Experts at Nvidia's GTC conference say defenders need to use the same tools to fight them off.

Four former NSA chiefs representing a near-complete history of US Cyber Command debate the role of offensive cyber in the government at RSAC.

Expel has warned of malicious Chrome extensions stealing users’ AI conversations