Flux RSS

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware

Through the new program, OpenAI will reward reports covering design or implementation issues leading to material harm. The post OpenAI Launches Bug Bounty Program for Abuse and Safety Risks appeared first on SecurityWeek.

‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration

The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”

Coruna contains the updated version of a kernel exploit used in Operation Triangulation three years ago. The post Coruna iOS Exploit Kit Likely an Update to Operation Triangulation appeared first on SecurityWeek.

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study

The holdings company says hackers stole names, Social Security numbers, and driver’s license numbers from its environment. The post Hightower Holding Data Breach Impacts 130,000 appeared first on SecurityWeek.

PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients

The state-sponsored threat actor deployed kernel implants and passive backdoors enabling long-term, high-level espionage. The post Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure appeared first on SecurityWeek.

The high- and medium-severity flaws could lead to denial-of-service, secure boot bypass, information disclosure, and privilege escalation. The post Cisco Patches Multiple Vulnerabilities in IOS Software appeared first on SecurityWeek.

OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws

Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key

Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware. The post Alleged RedLine Malware Administrator Extradited to US appeared first on SecurityWeek.

The startup will invest in product development and go-to-market efforts as it expands into new sectors. The post Onit Security Raises $11 Million for Exposure Management Platform appeared first on SecurityWeek.

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”

Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group

Expel has warned of malicious Chrome extensions stealing users’ AI conversations

Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing