CYBERSECURITY

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

In contrast to previous attacks directed at Saudi Arabian entities, the threat activity cluster known as UnsolicitedBooker has been observed targeting.

Anthropic claims that 16 million Claude queries were used by Chinese AI companies to replicate the model.

Anthropic claims that 16 million Claude queries were used by Chinese AI companies to replicate the model.

On Monday, Anthropic announced that it had discovered "industrial-scale campaigns" carried out by DeepSeek, Moonshot AI, and MiniMax, three artificial.

Spitting Cash: ATM Jackpotting Attacks Surged in 2025

Spitting Cash: ATM Jackpotting Attacks Surged in 2025

Banks seem to have forgotten about those big metal boxes full of cash that are positioned all over the place, known as ATMs, despite spending years.

Enigma Cipher Device Still Holds Secrets for Cyber Pros

Enigma Cipher Device Still Holds Secrets for Cyber Pros

For over a century, Enigma cipher machines have remained in the imaginations of history buffs and cryptography enthusiasts, and they are still found at.

APT28 Used Webhook-Based Macro Malware to Target European Organizations

APT28 Used Webhook-Based Macro Malware to Target European Organizations

Discover how A new campaign targeting particular entities in Western and Central Europe has been linked to the Russia-affiliated state-sponsored threat.

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Details of a new cryptojacking campaign that uses pirated software bundles as lures to install a custom XMRig miner program on compromised hosts have been.

How Exposed Endpoints Increase Risk Across LLM Infrastructure

How Exposed Endpoints Increase Risk Across LLM Infrastructure

An increasing number of organizations are implementing more internal services and Application Programming Interfaces (APIs) to support their own Large.

⚡ Weekly Recap: Docker Malware, 30Tbps DDoS, PromptSpy AI, Double-Tap Skimmers, and More

⚡ Weekly Recap: Docker Malware, 30Tbps DDoS, PromptSpy AI, Double-Tap Skimmers, and More

Seldom does security news follow a straight path This article explores wsl straight beacon. . This week, it seems more like a succession of abrupt turns.

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

According to cybersecurity researchers, there is an ongoing "Shai-Hulud-like" supply chain worm campaign that has used a group of at least 19 malicious.

Over 600 FortiGate devices across 55 countries are compromised by an AI-assisted threat actor.

Over 600 FortiGate devices across 55 countries are compromised by an AI-assisted threat actor.

More than 600 FortiGate devices spread across 55 countries have been compromised by a Russian-speaking, profit-driven threat actor using commercial.

EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security

Discover how With 700,000 American workers in need of reskilling and $5.5 trillion in global AI risk exposure, the Certified CISO v4 and four new AI.

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

Citing evidence of active exploitation, the U.S This article explores vulnerability cve 2025. . Cybersecurity and Infrastructure Security Agency (CISA).

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Anthropic, an artificial intelligence (AI) company, has started to implement Claude Code with a new security feature that can find vulnerabilities in a.

Latin America's Cyber Maturity Lags Threat Landscape

Latin America's Cyber Maturity Lags Threat Landscape

Even though Latin American nations have made significant progress toward cybersecurity maturity, the region still faces obstacles due to slow development.

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

Researchers studying cybersecurity have revealed information about a new ClickFix campaign that uses hacked legitimate websites to spread MIMICRAT (also.

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

The vulnerability, identified as CVE-2026-1731 (CVSS score: 9.9), enables attackers to execute operating system commands in the context of the site user.

Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026

Insurance companies and regulators are giving identity posture much more weight when evaluating cyber risk since one in three cyberattacks now involve.

Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges

Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges

Chiplets are driving semiconductor design and displacing outdated chip designs, opening the door to innovations in self-driving cars and next-generation.

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT RAT

Researchers studying cybersecurity have revealed information about a new ClickFix campaign that uses hacked legitimate websites to spread MIMICRAT (also.

Former Google Engineers Indicted Over Trade Secret Transfers to Iran

Former Google Engineers Indicted Over Trade Secret Transfers to Iran

The U.S This article explores indicted google engineers. . has indicted two former Google engineers and one of their spouses for allegedly stealing trade.

Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran

Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran

The U.S This article explores indicted google. . has indicted two former Google engineers and one of their husbands for allegedly stealing trade secrets.

Connected and Compromised: When IoT Devices Turn Into Threats

Connected and Compromised: When IoT Devices Turn Into Threats

Despite the significant risks that the technologies pose, such as network access and credential theft, security awareness is lacking, despite the fact.

Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA

Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA

Traditional techniques for identifying phishing attacks, both technical and psychological, are consistently undermined by an expanding.

Details of Abu Dhabi Finance Weeks Exposed VIP Passports

Details of Abu Dhabi Finance Weeks Exposed VIP Passports

Approximately 700 attendees, including former British Prime Minister David Cameron and former White House communications director Anthony Scaramucci, had.

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers claim to have found the first Android malware that achieves persistence by abusing Google's generative artificial intelligence.

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

An attacker may be able to increase their privileges in Windows Admin Center due to a security flaw that Microsoft has now patched This article explores.

Top 5 this week

Page 1 of 12