Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics
Teleport study reveals that organizations running over-privileged AI have a 76% incident rate
Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments
Hudson Rock has warned OpenClaw users that infostealers are targeting their configuration files
Security researchers have challenged end-to-end encryption claims from popular commercial password managers
NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations
OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo
A high severity vulnerability in Google Chrome and allows remote attackers to execute code
Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations
Dutch telco Odido has revealed a major data breach impacting over six million customers
G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk
Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at LayerX
Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle
New TrendAI report warns that most security tools can’t protect against attacks on AI skills artifacts
Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware
A federal court has sentenced crypto-scammer Daren Li to 20 years in absentia
This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed