EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure...
Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but...
The hackers have targeted Ukraine’s armed forces, law enforcement agencies and local government bodies — especially those near the country’s eastern border, which is close to Russia.
After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure....
The darknet leak site used by the ransomware gang Everest went offline Monday after being apparently hacked and defaced over the weekend.
USA secures extradition of criminals from 9 countries, including two brothers behind Rydox, a dark web market for stolen data and hacking tools.
Microsoft announced today that, based on customer feedback, it will indefinitely delay removing driver synchronization in Windows Server Update Services (WSUS). [...]
The U.S. Department of Energy (DOE) has announced plans to help ensure America leads the world in Artificial... The post US DOE unveils plans to co-locate data centers and energy infrastructure,...
Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in March 2025. The following is a part of the...
Hillstrong Group Security, an emerging leader in operational risk intelligence (ORI), announced on Monday the appointment of William... The post Hillstrong Group Security appoints William Noto as...
Excelsior University and OPSWAT Academy, a vendor of critical infrastructure protection (CIP) cybersecurity training, announced a new partnership... The post New collaboration between Excelsior...
SSH Communications Security (SSH) has signed a solution provider agreement with Loihde who has included SSH cybersecurity solutions... The post SSH and Loihde deliver advanced cybersecurity...
Spain's police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure people. [...]
A UK surveillance court said the backdoor order targeting Apple iCloud can be heard partly in public.
The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline. [...]
A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad
Find us at RSAC 2025 for a backstage pass to some of the industry’s greatest hits
Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks. [...]
Want to know the most notable findings in Talos' Year in Review directly from our report's authors? Watch our two part video series.
Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer to mine Ethereum and Monero. [...]
Austin, TX, USA, 7th April 2025, CyberNewsWire
Austin, TX, USA, 7th April 2025, CyberNewsWire
Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums
A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing...
Throughout March 2025, defenders observed increasing cyber-espionage activity by the UAC-0219 hacking group targeting Ukrainian critical sectors WRECKSTEEL malware. In April, CERT-UA issued a...
A sophisticated new artificial intelligence (AI) platform tailored for offensive cyber operations, named Xanthorox AI, has been identified…
For the latest discoveries in cyber research for the week of 7th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The second-largest bar association in the US, The...
Written by: Rohit Nambiar Executive Summary In October 2024, Google Threat Intelligence Group (GTIG) observed a novel phishing campaign targeting European government and military organizations...
US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. [...]