India’s Banking, Financial Services, and Insurance (BFSI) industry stands at the intersection of innovation and risk. From UPI and digital wallets to AI-based lending and predictive underwriting,...
Security researchers have discovered a sophisticated attack technique that exploits Microsoft’s OneDrive application to execute malicious code without detection. The method, known as DLL...
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence,...
Check Point Research uncovered four critical vulnerabilities in Microsoft Teams that could allow attackers to impersonate executives, manipulate messages, alter notifications, and forge identities...
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker...
A severe security vulnerability has been discovered in a widely used React Native development package, potentially exposing millions of developers to remote attacks. Security researchers from...
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates. [...]
A China-linked espionage campaign targeted a U.S. non-profit organization engaged in influencing government policy, maintaining weeks of access in April 2025. The intrusion leveraged legitimate...
The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025. "Since its...
DHS rule would expand biometric collection to immigrants and some citizens linked to them If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your...
Overview Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in...
Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million (~$688...
Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS)...
In a bulletin to law enforcement agencies, the FBI said criminal impersonators are exploiting ICE’s image and urged nationwide coordination to distinguish real operations from fakes.
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The...
Curly COMrades strike again Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses...
Security program fails to meet federal standards as government cuts drain resources The infosec program run by the US' Consumer Financial Protection Bureau (CFPB) "is not effective," according to...
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. [...]
At Wizdom 2025, we’re unveiling two new AI agents alongside new product innovations that deepen and extend the graph across SaaS, workloads, AI infrastructure, and external exposures. Together,...
Helping teams see clearly, decide wisely, and move safely.
How Wiz AI Agents and Integrations Meet You Where You Work
Providing unconditional visibility into your environment
How Wiz brings visibility, context, and continuous defense to the new era of intelligent automation.
Secure Microsoft 365 and the cloud it powers — one platform, one graph, complete context.
Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the...
A vulnerability has been discovered in CWP (aka Control Web Panel or CentOS Web Panel), which could allow for remote code execution. CWP, or Control Web Panel, is a free server administration tool...
Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus. According to multiple reports from...
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]
Citizen Lab director Ron Deibert is the recipient of the 2025 Sterling Prize in Support of Controversy by Simon Fraser University (SFU). The award recognizes his ongoing work at the intersection...
Citizen Lab senior researcher Alberto Fittarelli speaks with Negar Mortazavi, host of The Iran Podcast, about Israel-linked influence operations pushing for regime change in Iran. Fittarelli...