NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations
OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo
A high severity vulnerability in Google Chrome and allows remote attackers to execute code
Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations
Dutch telco Odido has revealed a major data breach impacting over six million customers
G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk
Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at LayerX
Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle
New TrendAI report warns that most security tools can’t protect against attacks on AI skills artifacts
Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware
For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet's control servers.
A federal court has sentenced crypto-scammer Daren Li to 20 years in absentia
This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed
Six actively exploited zero-day bug have been patched by Microsoft
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild.
High-volume phishing campaign delivers Phorpiex malware via malicious Windows Shortcut files
ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access