Along with other telemetry, Windows GDID makes online activity more traceable
Along with other telemetry, Windows GDID makes online activity more traceable
A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over a victim's phone, steal their banking...
A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code Block-enabled agents in the same Google Cloud project....
A cybercrime campaign combined a loader-as-a-service framework and DLL sideloading via a Go-compiled fake MpClient.dll, a novel evasion layer combination. The post Vidar Stealer Unmasked: Code...
Authorities didn’t name the man or file formal charges, but accuse him of participating in attacks linked to Cyber Army of Russia Reborn and NoName. The post Spain arrests suspected hacker linked...
Per usual, there's no fix - or even any documentation - for GitLost
A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per...
Google Chrome security advisory (AV26-669)
HPE security advisory (AV26-668)
A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization's private repositories, researchers at Noma Security have shown. The attacker needs only to open a...
Dog-eat-dog world for credential-stealing attackers
U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint....
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could...
How targeted isolation prevents contagion in an interconnected world
Greek lawsuit comes as rights campaigners lobby the EU to take firmer stance on spyware abuses
Software supply chain security was hard enough. Then AI joined the build pipeline. For five years, "software supply chain security" meant one question: what's in your code? Which open-source...
Zimbra security advisory (AV26-667)
Samsung mobile security advisory (AV26-665)
Django security advisory (AV26-666)
Android security advisory – July 2026 monthly rollup (AV26-662)
Broadcom VMware security advisory (AV26-663)
[Control systems] ABB security advisory (AV26-664)
Majority report AI-related security incidents or vulnerabilities
When a ransomware gang picks its next target, it looks for a poorly secured organization holding valuable data, providing a vital service or doing both. Few organizations fit that description as...
Multiple U.S. Army internet subdomains were defaced in a 404 hijacking campaign, CyberScoop has confirmed. As of Monday morning, error pages on two U.S. Army websites – oil.army.mil and...
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part...
The new OMB logging directive raises the bar on log collection and explicitly ties every maturity milestone to how well agencies know what’s on their networks. Learn why asset visibility is the...
The American companies building artificial intelligence systems are loudly complaining that their Chinese competitors are unfairly copying their technology, and they are pleading with officials to...
Russia-linked hackers are increasingly targeting Ukrainian media organizations, local officials warned, as news outlets continue to face pressure not only from cyber operations but also Russia’s...
Written by: Shebin Mathew Introduction The "Golden SAML" technique, first described by CyberArk researchers in 2017, and further detailed by Mandiant researchers in 2021, remains one of the most...
Since early 2026, Check Point Research (CPR) has tracked a new modular command-and-control framework used by Cavern Manticore, an Iran-nexus APT group primarily targeting Israeli organizations,...
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the...
Unit 42 says attackers are posing as helpdesk staff and persuading employees to hand over remote control before dropping EtherRAT trojan
A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing...
The latest generation of botnets, architected into large-scale multi-tiered proxy networks, is making traditional indicator-based defenses obsolete, empowering nation-state and cybercrime threat...
The Department of Justice (DOJ) and Department of Homeland Security (DHS) issued an interim final rule codifying how state, local, tribal, and territorial law enforcement and correctional agencies...
The Cheyenne Board of Public Utilities has identified Goat Systems LLC, a contractor working on Meta’s in-progress data center campus in the High Plains Business Park, as the source of a discharge...
The pledge is a voluntary framework inviting organizations to commit to foundational cyber security governance, board-level accountability, and supply chain rigor. For over a decade, Cloudflare...
China-aligned attackers broke into the networks of U.S. and Canadian universities to steal sensitive data and establish persistent access via webshells and backdoors, Proofpoint threat researchers...
The White House will host a summit with industry on Tuesday dedicated to innovation in quantum information sciences and technologies, featuring remarks from tech policy and agency leadership...
The U.S. cyber defense agency CISA is using Anthropic’s AI model Mythos to audit government software, three people familiar with the matter said on Monday, another sign of government enthusiasm...
Palencia man suspected of links to CARR, Z-Pentest, and NoName057(16), plus helping a Ukrainian hacker flee to Russia
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the...
Whitehall's latest attempt to boost corporate cyber hygiene has already produced a curious roll call
Impunity is real, but not absolute. This report maps how Russia, Ukraine, and the West punish, tolerate, or manage post-Soviet cybercriminals.
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow...
Not sure this will have any effect, but I support the effort: According to Google’s legal filing, Outsider Enterprise operates through Telegram. The group offers phishing-as-a-service to...
Speaking at the NATO Summit Defense Industry Forum in Ankara today (July 7), NATO Secretary General Mark Rutte launched a new multinational High Visibility Project on defense critical raw...
This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.
Talos’ latest findings on UAT-7810 indicate that the threat actor continues to develop their custom-made malware.
Proofpoint researchers said attackers targeted physics and engineering departments, and warn that the campaign is likely ongoing. The post Suspected Chinese espionage group used a Roundcube...
Table of Contents Introduction Infection Chain Technical Analysis Conclusion Seqrite Coverage Indicators of Compromise (IOCs) MITRE ATT&CK Mapping Introduction The Seqrite Threat Research Team...
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern...