Flux RSS

Android’s LSPosed-based attack hijacks payment apps via runtime manipulation and SIM-binding bypass

State-sponsored attackers joined by Chinese snoops and hackers-for-hire in latest round of economic penalties The Council of the European Union sanctioned Emennet Pasargad on Monday, a company used as a front for a series of Iranian cyberattacks.…

CursorJack shows how malicious MCP deeplinks in Cursor IDE can trigger user-approved code execution

Armis reveals that “mutually assured disruption” is no longer preventing state-backed attacks

Akamai says 87% of organizations suffered an API-related security incident last year

The US Cyber Monitoring Center should be operational in 2027, said the UK CMC leadership

Midmarket security leaders aren't as secure as they think, says Intruder's report Partner Content The midmarket matters. JP Morgan estimates approximately 300,000 organizations generating $13T in annual revenue. Yet they occupy an awkward position in the security landscape. They're large enough to be attractive targets with complex digital estates, significant revenue, and valuable data, but not large enough to have the headcount, budget maturity, or tooling sophistication of an enterprise security team.…

SCION: Proven in banking and healthcare, slow to spread everywhere else Feature BGP, the Border Gateway Protocol, was not designed to be secure. It was designed to work – to route packets between the thousands of autonomous systems that make up the internet, quickly and at scale.…

Equipment for smart European cable systems - Works Anonymous (not verified) Tue, 03/17/2026 - 08:45 Opening: 17 March 2026 Closing: 30 June 2026 This call supports the upgrade of existing submarine telecommunications/digital infrastructures to “smart capabilities” enabling applications that monitor them as well as other surrounding critical infrastructures (e.g. power cables, pipelines, etc.) and/or their vicinity. Main link https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/opportuni… Related topics Digital connectivity Connecting Europe Facility Funding for Digital {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Backbone connectivity for Digital Global Gateways - Studies Anonymous (not verified) Tue, 03/17/2026 - 08:19 Opening: 17 March 2026 Closing: 30 June 2026 This call for proposals will fund studies related to the deployment/significant upgrade of backbone networks that address risks, vulnerabilities and dependencies in the EU backbone infrastructure. GettyImages © Dragon Claws Main link https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/opportuni… Related topics Digital connectivity Connecting Europe Facility Funding for Digital {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Admins may be even more exhausted by then, because securing Microsoft’s AI helper is not a trivial job Gartner analyst Dennis Xu has half-jokingly suggested banning use of Microsoft’s Copilot AI on Friday afternoons, because he fears at that time of week users may be too lazy to properly check its possibly offensive output.…

AI helped send weekly threat signal count from 80 million to 400 billion, then helped response time shrink from two days to 30 minutes Australia’s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop tools that can cope with emerging AI-powered threats, according to General Manager of Cyber Defence Operations Andrew Pade.…

Operations and hospital networks not affected, we're told Robotics-assisted surgical tech firm Intuitive said that unauthorized intruders gained access to some of its internal IT business applications after stealing an employee's credentials during a phishing attack.…

Hacktivists use proxy services from Russia, China for 'billions of designed-for-abuse connection attempts' Cybercrime has skyrocketed since the start of the Iran war, according to Akamai, which reports a 245 percent increase in everything from credential harvesting attempts to automated reconnaissance traffic aimed at banks and other critical businesses.…

Drivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking. Not because the city council suddenly decided to embrace generosity - but rather because hackers succeeded in knocking the city's payment system offline. Read more in my article on the Hot for Security blog.

Interpol says fraud schemes using the tech are 4.5x more profitable AI is apparently good for the bottom line if your business is crime. Financial fraud schemes carried out with the help of artificial intelligence are 4.5 times more profitable than those that aren't enhanced, according to Interpol's latest estimates.…

Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform

CrackArmor AppArmor flaws let local Linux users gain root, break containers and enable DoS attacks

DNS-based attack in AWS Bedrock AgentCore lets AI sandboxes exfiltrate cloud data

Back button blunder in WebFiling service run by Companies House revealed confidential paperwork Companies House was forced to pull down its record-filing platform for the entire weekend to rectify a "security issue" that exposed the personal details of company directors and other data to any logged in users.…