Flux RSS

IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws

Malicious NuGet package mimicking Stripe's library targeted developers

A former general manager of a US defense contractor has been sentenced after selling zero days to Russia

The UK’s ICO has fined Reddit over £14m for failing to use children’s personal information lawfully

DTEX claims insider incidents cost $19.5m in 2025, with employee negligence most expensive

Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information

Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks

ReliaQuest claims AI has reduced breakout and exfiltration time to under 10 minutes

Anthropic accused DeepSeek, Moonshot and MiniMax of illicitly using Claude to steal some of the AI model’s capabilities

CrowdStrike Global Threat Report warns how adversaries are leveraging AI to make campaigns more efficient and more effective

Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers

Sophisticated Python malware uncovered in fraud probe shows obfuscation, disposable infrastructure

A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances

Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident

A new FBI Flash alert claims $20m was lost to ATM jackpotting attacks in 2025 alone

University of Mississippi Medical Center is still scrambling to respond to a ransomware attack last Thursday

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand's real website, and then acts as a relay between the target and the legitimate site -- forwarding the victim's username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses.

DDoS attack frequency has risen to ‘alarming levels,’ warns Radware report

A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET

New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows