In an unprecedented move, the FCC also said it plans to mandate that owners and operators of submarine line terminal equipment (SLTE) be licensed.
By automatically loading MCP servers from workspace files, Amazon Q enabled attackers to execute code and access sensitive cloud environments.
A database of almost a million passports from around the world was leaked online. Note what happened. A high-value credential—a passport—was used in an ancillary low-value authentication system:...
Authors: Dixit Panchal & Soumen Burma Table of Contents: Introduction: Key Targets: Infection Chain: Initial Findings about Campaign: Initial Mail: Email Attachment: Lure: Official GoI, Income Tax...
Your business may be small, but its attack surface is anything but. Readiness is the first step to resilience.
One rule for the workers, another for execs
In June 2026, telecommunications tower infrastructure company American Tower was the target of a ShinyHunters "pay or leak" extortion campaign. The group subsequently published data allegedly...
Qihoo 360, which the US has banned, says it’s needed as a deterrent to weaponized Anthropic models
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these...
Spotted in intrusions targeting insurance, education, IT, and professional services sectors
Former employee accuses company of prioritizing pending IPO over client security
Government entities and critical infrastructure were targeted for espionage in SE Asia by attackers using a hybrid toolkit, including custom TinyRCT backdoor. The post CL-STA-1062 Targets...
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. According to Island, the extension, named Adblock for YouTube...
In this week’s newsletter, Martin considers how AI will help threat intelligence by creating an easily queryable data source of intelligence reports.
It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds still working, trusted apps doing sketchy crap, browser...
Senior research associate Emile Dirks has been elected to serve as a member of PEN Canada's board of directors. The post Emile Dirks Elected to PEN Canada’s Board of Directors appeared first on...
Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like “users can check for themselves,” and that they generally know “that information...
Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle to answer a few basic questions during incident investigation: What happened? What evidence do we...
HPE security advisory (AV26-633)
A previously undocumented Rust-based macOS implant and information stealer has been found to embed a prompt injection payload designed to trick a malware analyst's artificial intelligence (AI)...
A new, stealthy backdoor named Mistic has been deployed as part of suspected financially motivated attacks aimed at multiple organizations spanning insurance, education, IT, and professional...
Nathan Austad, who sold access to compromised accounts through a criminal storefront, is the third and final defendant sentenced in the 2022 breach The post Minnesota man known as ‘Snoopy’...
Remote access trojans (RATs) are legacy threats that continue to evolve alongside an expanding and ever-changing threat landscape. Following our recently published articles about novel and notable...
Written by: Jordan Jones Introduction Google Threat Intelligence Group (GTIG) has conducted an in-depth analysis of a .NET backdoor, tracked as STOCKSTAY, that has been continually developed and...
Current and near-term Chinese artificial intelligence capabilities could counter or replicate how the U.S. military plans and conducts operations, especially complex strike packages such as those...
Chinese cybersecurity firm 360 Security Technology has developed what it calls a domestic answer to Anthropic’s Mythos, it said on Wednesday, casting the U.S. model as a strategic cyber capability...
Britain’s museums and galleries are being left vulnerable to thefts and cyber-attacks that could put priceless collections at risk, MPs have warned. A report by the public accounts committee (PAC)...
The space sector is seeing a dramatic rise in the tempo and sophistication of cyberattacks following U.S. and Israel-led military operations in Iran, according to cybersecurity experts. “From a...
The Department of Energy is kickstarting a quantum computing effort tied to the Genesis Mission following a pair of quantum-focused executive orders signed by President Donald Trump on Monday. The...
Commerce Secretary Howard Lutnick told executives at a closed-door meeting Monday that his department is studying state-subsidized robotics imports and signaled the administration could take...