The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, researchers say.
CVE-2025-53521 was initially disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information has revealed the bug is actually much more dangerous.
The two key economic sectors struggle with security for a reason: Many insiders view access management as a roadblock, while attackers see it as a way in.
The vulnerability, which is allegedly triggered by a corrupted sticker in the messaging app, received a 9.8 CVSS score, but Telegram denies it exists.
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Lloyds app glitch exposed up to 447,936 customers’ transactions and personal data during update
Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials
Researchers from watchTowr and Defused have found evidence that attackers are actively exploiting CVE-2026-3055, a critical NetScaler vulnerability
The UK Information Commissioner’s Office has handed a £100,000 fine to Birmingham-based TMAC
The European Commission has revealed details of a data breach impacting its AWS infrastructure
Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware
The list of countries exploiting internet-connected cameras to give them eye's inside their adversaries' borders continues to expand, with Russia, Iran, Israel, Ukraine, and the United States all using the tactic. What should companies look out for?
Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers' relative ignorance of OT systems.
The post-quantum future may be coming sooner than you think, as Google plans to have PQC migration in place by 2029.
‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration
The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”
Nation-state malware is being sold on the Dark Web and leaked to GitHub; and ordinary organizations might not stand much of a chance of defending themselves.