Subscribe below for free to get these delivered straight to your inbox
The ShinyHunters cybercrime group is extorting dozens of Fortune 500 firms via a shaming blog after stealing data from Salesforce, Red Hat, and Discord.
Discover how the Librarian Ghouls APT uses a novel technique to wake sleeping computers, creating a nightly window to steal crypto wallets and deploy miners.
A bug in OpenAI’s ChatGPT exposed user chat history titles and the personal payment information of some Plus subscribers. Read the facts about the March 2023 incident.
A survey by The Muse finds nearly 80% of US workers have been victims of career catfishing. Learn what this job deception is and how to vet your next employer.
The Czech data protection authority has ordered police to shut down an illegal facial recognition system at Prague Airport for unlawfully processing biometric data.
The UK’s National Cyber Security Centre (NCSC) reports a record four ‘nationally significant’ cyberattacks per week, targeting critical infrastructure and public services.
A factual report on the ShinyHunters threat group’s extensive corporate extortion campaign, detailing their methods and high-profile data breach victims.
A deep dive into the Mysterious Elephant APT group, which targets governments in Asia using custom malware and spear-phishing to exfiltrate sensitive WhatsApp data.
A hacker claims a massive University of Pennsylvania data breach, stating they stole 1.2 million donor records after compromising an employee’s SSO account.
Google officially confirmed that its new AI-powered Search Generative Experience (SGE) will feature advertisements. Discover the new ad formats being tested.
Microsoft releases Windows 11 Insider Preview Build 26220.7051 to the Canary Channel, introducing the ‘Ask Copilot’ feature for direct file interaction.
A real-world analysis of the Desjardins data breach reveals how failures in password controls and access management led to a malicious insider leaking 9.7M records.
The National Security Agency (NSA) has issued an urgent public advisory for all Microsoft users, detailing actionable steps to prevent hackers from accessing accounts.
A factual analysis of the AI prompt engineering topic ‘Verbalized Sampling.’ Reporting on the technique is not possible as the provided source is non-existent.
Following a confirmed Gmail security breach, Google has issued an official warning for users to stop using passwords and adopt passwordless security like passkeys.
Okta’s stock has dropped ~20% post-earnings despite strong financials and raised guidance. As an IAM leader, the company is focused on profitable growth.
OpenAI updated its Terms of Service, making user data from consumer services like ChatGPT and DALL-E available for AI model training by default. API data is excluded.
OpenAI is considering an ad-supported model for the free version of ChatGPT, using its memory feature to deliver personalized ads based on user chat history.
Cybersecurity researchers report the Aisuru botnet has evolved from a DDoS attack tool into a commercial residential proxy service, monetizing infected IoT devices.
A factual report on the AI privacy crisis, covering documented events like the ChatGPT bug that exposed user data and the Samsung corporate information leaks.
The UK’s NHS is facing significant challenges in its mandatory upgrade to Windows 11 due to incompatible hardware and slow-moving third-party software suppliers.
Microsoft is testing Bluetooth LE Audio and Auracast support in Windows 11 Insider builds, allowing audio sharing to multiple devices. This feature is currently limited to select AI PCs with…
A new guide helps MSPs meet rising client expectations for security by turning advanced cybersecurity and compliance services into a major growth opportunity.
A security analysis by Vectra AI reveals critical Google Workspace misconfigurations. Learn about five key settings you must check, including MFA, app access, and admin roles.
Researchers from Contextual AI discovered a vulnerability in Claude 3 Sonnet, using a ‘many-shot jailbreaking’ technique and polite phrasing to extract private data.
Hackers compromised an Ivy League university’s email system to send a mass message calling the school a ‘Dogshit Elitist Institution’ and alleging illegal activity.
A Vectra AI report details 5 critical Microsoft 365 security settings that are commonly missed, exposing organizations to attacks via Entra ID and Exchange.
Microsoft is testing a new client-side scareware sensor in the Edge browser to provide faster detection and blocking of sophisticated technical support scams.
Microsoft support for Windows 10 ends on October 14, 2025. This stops free security updates, leaving millions of users vulnerable to ransomware and other threats.
A severe vulnerability named Brash, disclosed by researcher Jose Pino, crashes Chromium browsers by exploiting a flaw in the Blink rendering engine’s DOM management.
At the Picus Breach and Simulation (BAS) Summit, experts asserted that cyber defense is no longer about prediction but proof. Learn why BAS is now essential.
IBM X-Force uncovered a phishing campaign in Colombia using SVG files in emails to deliver Hijack Loader, which in turn deploys the PureHVNC Remote Access Trojan.
The PhantomRaven malware campaign has been found in 126 npm packages, attracting over 86,000 installs to steal GitHub tokens and CI/CD secrets from developers.
IBM Cloud’s quantum computing platform is experiencing a significant outage, preventing researchers and developers from accessing its advanced quantum systems globally.
The Eclipse Foundation revoked leaked Open VSX access tokens following a Wiz security report. The tokens, exposed in public repositories due to developer error, were canceled.
Google reveals its Android AI defenses now block 10 billion malicious calls and messages monthly. The system also blocked 100M+ suspicious RCS numbers to stop scams.
Learn about Defense Against Configurations (DAC), a new security layer for macOS that targets common admin errors and system misconfigurations before hackers can exploit them.
An analysis of the ‘ChatGPT Atlas Browser’ topic. Research confirms this event is not verifiable, as the product and associated vulnerability reports are non-existent.
A cybersecurity investigation has uncovered a spyware campaign targeting US Android users with malicious apps disguised as ChatGPT, DALL·E, and WhatsApp.
OpenAI announced its Aardvark AI agent, a large language model created to help cybersecurity teams by automating the analysis of security alerts and reports.
OpenAI has announced Aardvark, an autonomous AI agent powered by GPT-5. The agent is designed to help developers find, assess, and fix code vulnerabilities.
Palo Alto Networks reports on Airstalk, a new malware from a suspected nation-state actor used in a likely supply chain attack. It misuses MDM APIs for C2.
A China-linked group, UNC6384, exploited an unpatched Windows shortcut flaw to target European diplomats with PlugX malware via spear-phishing attacks in late 2025.
AI notetakers like Otter AI introduce significant data privacy risks. Learn the steps to discover which employees are using these tools and how to remove them.
Microsoft has terminated access to its Azure AI and storage services for an elite Israeli intelligence unit after discovering violations of its acceptable use policy.
You must be logged in to post a comment.