Flux RSS

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware

‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration

The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study

PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients

OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws

Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”

Expel has warned of malicious Chrome extensions stealing users’ AI conversations

on the introduction of a semi-annual reporting of borrower-related residential real estate indicators

Version of 9 March 2026

Geopolitics and cyber warfare take center stage at Infosecurity Europe as Dmytro Kuleba discusses Ukraine’s hybrid war experience

High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024

CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns

Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day

(first publication: 30 October 2024)