Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) […]
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Read More »
UncategorizedTwo former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran Read More »
UncategorizedThe slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers
Latin America’s Cyber Maturity Lags Threat Landscape Read More »
CybersecurityThe slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers
Latin America’s Cyber Maturity Lags Threat Landscape Read More »
CybersecurityA user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites. Source: https://www.darkreading.com/threat-intelligence/starkiller-phishing-kit-mfa
Best-in-Class ‘Starkiller’ Phishing Kit Bypasses MFA Read More »
CybersecurityA user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites. Source: https://www.darkreading.com/threat-intelligence/starkiller-phishing-kit-mfa
Best-in-Class ‘Starkiller’ Phishing Kit Bypasses MFA Read More »
CybersecurityThe cyberattack disrupted information and booking systems and lasted for several hours. The post German Rail Giant Deutsche Bahn Hit
German Rail Giant Deutsche Bahn Hit by Large-Scale DDoS Attack Read More »
UncategorizedOpenClaw faces security vulnerabilities and misconfiguration risks despite rapid patches and its transition to an OpenAI-backed foundation. The post OpenClaw
OpenClaw Security Issues Continue as SecureClaw Open Source Tool Debuts Read More »
UncategorizedSecurity researchers have seen the vulnerabilities being exploited to deliver shells, conduct reconnaissance, and download malware. The post Ivanti Exploitation
Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025 Read More »
UncategorizedFormerly named Valkyrie, the company’s funding includes $25 million raised in a Series A round. The post Venice Security Emerges
Venice Security Emerges From Stealth With $33M Funding for Privileged Access Management Read More »
UncategorizedThe blockchain-based lender has confirmed a data breach after ShinyHunters leaked over 2GB of data allegedly stolen from the company.
Nearly 1 Million User Records Compromised in Figure Data Breach Read More »
UncategorizedA maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 Read More »
UncategorizedIn 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability Read More »
UncategorizedCybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs Read More »
UncategorizedCybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution Read More »
UncategorizedNew research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody Read More »
UncategorizedA China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy
Dell’s Hard-Coded Flaw: A Nation-State Goldmine Read More »
CybersecurityA China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy
Dell’s Hard-Coded Flaw: A Nation-State Goldmine Read More »
CybersecurityDiscover a strategic approach to govern scraping risks, balance security with business growth, and safeguard intellectual capital from automated data
A CISO’s Playbook for Defending Data Assets Against AI Scraping Read More »
CybersecurityDiscover a strategic approach to govern scraping risks, balance security with business growth, and safeguard intellectual capital from automated data
A CISO’s Playbook for Defending Data Assets Against AI Scraping Read More »
CybersecurityWith more than 37 million combined downloads, the extensions expose users to tracking and personal information theft. The post Over
Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data Read More »
UncategorizedA previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors Read More »
UncategorizedSeveral state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat
Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs Read More »
UncategorizedDisclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025. The post
CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities Read More »
UncategorizedExploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. The post BeyondTrust Vulnerability Targeted
BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release Read More »
UncategorizedHackers stole personal information such as names, addresses, and phone numbers from a customer contact system. The post Dutch Carrier
Dutch Carrier Odido Discloses Data Breach Impacting 6 Million Read More »
UncategorizedCheck Point has acquired Israeli cybersecurity companies Cyata, Cyclops, and Rotate. The post Check Point Announces Trio of Acquisitions Amid
Check Point Announces Trio of Acquisitions Amid Solid 2025 Earnings Beat Read More »
UncategorizedOther noteworthy stories that might have slipped under the radar: vulnerabilities at 277 water systems, DoD employee acting as money
In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine Read More »
UncategorizedCybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems Read More »
Uncategorized