Subscribe below for free to get these delivered straight to your inbox
APT36, a Pakistan-nexus threat actor, targeted Indian government entities in Aug-Sep 2025 with spear-phishing attacks delivering Golang-based DeskRAT malware, observed by Sekoia.
Learn about a free webinar on Oct 23, 2025, focused on securing AI at scale. The event addresses the risks of unmanaged AI agents and data protection.
Activity from the Lumma Stealer malware has seen a sudden drop following a doxxing campaign, ‘Lumma Rats,’ which exposed five alleged core group members.
CISOtransform offers an on-demand workshop for CISOs on effectively communicating cyber risk to the board. Learn to quantify risk and create compelling reports.
China’s Ministry of State Security (MSS) claims it foiled a premeditated cyber attack by the U.S. NSA targeting the National Time Service Center on March 25, 2022.
A new report reveals the Jaguar Land Rover cyber attack cost the UK economy $2.5 billion, detailing the severe financial fallout from security breaches.
North Korean hackers use fake job offers in Operation Dream Job to steal drone secrets from European defense firms. ESET identified ScoringMathTea and MISTPEN malware in attacks from March 2025.
Europol announces the disruption of a major cybercrime-as-a-service platform in Operation SIMCARTEL, which used a SIM farm to power 49 million fake accounts globally.
A US court granted a permanent injunction against Israeli spyware firm NSO Group, legally barring it from using or accessing WhatsApp’s services to target users.
Cloudflare CEO Matthew Prince unveiled the company’s new Content Signals Policy, a tool that lets websites fine-tune how their data can be used by AI crawlers.
XM Cyber and CISOTransform’s new program teaches CISOs how to translate technical data into business-centric narratives and quantify cyber risk for board reports.
Google is now deleting personal accounts inactive for two years. Learn the official criteria for account activity and the simple steps to keep your Gmail, Photos, and data safe.
Wiz’s CISO Best Practices Cheat Sheet: Cloud Edition offers proven frameworks & 90-day steps for leaders inheriting, scaling, or aligning multi-cloud programs.
Learn about ClickFix, a growing attack vector where users are tricked into copying and running malicious code. Used by ransomware groups and linked to major breaches.
An investigation into a massive S$3 billion money laundering case in Singapore has uncovered direct links to an alleged cyber-scam operation based in Cambodia.
Cisco Talos reports a North Korean threat actor is combining BeaverTail and OtterCookie malware, adding new keylogging and screenshot features to its toolset.
Former NSA and Cyber Command chief, Gen. Tim Haugh, confirms Chinese state-sponsored hackers are inside U.S. critical infrastructure, including power and water systems.
Keeper Security has been recognized in the 2025 Gartner® Magic Quadrant™ for Privileged Access Management (PAM). The acknowledgment highlights the KeeperPAM platform’s strengths in password security and threat detection. Access…
F5 Networks disclosed a year-long security breach by China-nexus group UNC5221. Attackers used BRICKSTORM malware to steal BIG-IP source code and vulnerability data.
Researcher James Pavur revealed how unencrypted satellite links expose sensitive global data, intercepting private, corporate, and government communications.
A North Korean state-sponsored hacking group, tracked as UNC5342, is using the EtherHiding technique to embed malware in blockchain smart contracts for crypto theft.
Cybersecurity researchers discovered a critical Bluetooth vulnerability in the Unitree G1 humanoid robot, leading to the exfiltration of sensitive data to China.
A factual account of the February 2014 Vodafone outage caused by a router fault. The event revealed critical national infrastructure weaknesses by impacting millions.
Microsoft has revoked over 200 fraudulent certificates used by the Vanilla Tempest threat actor to sign malware in Rhysida ransomware campaigns via fake Teams setup files.
HSB Canada has launched a new cyber insurance policy for businesses, offering coverage for data breach response, cyber extortion, and business interruption.
A North Korean hacking group is actively refining its toolset by merging its BeaverTail and OtterCookie malware and adding new keylogging and screenshot capabilities.
Australia’s eSafety Commissioner reports a disturbing trend, with deepfake image-based abuse incidents now occurring at least once a week in the nation’s schools.
A North Korean hacking group is actively refining its toolset by merging its BeaverTail and OtterCookie malware, according to Cisco Talos. OtterCookie was also updated.
The U.S. DOJ has indicted voting technology firm Smartmatic and its ex-CEO for a multi-year bribery and money laundering scheme involving a top Philippine official.
Mastercard partners with the EU’s cybersecurity agency, ENISA, contributing its expertise in fraud prevention to strengthen Europe’s digital defense framework.
Find out how current and former AT&T customers affected by the data breach can claim a cash payment and up to $7,500 from the $177.5M class-action settlement.
Cybersecurity researchers detail a new campaign targeting Russian auto and e-commerce firms with a previously undocumented .NET implant known as CAPI Backdoor.
Users report fake McAfee ‘subscription expired’ pop-ups. Learn how this browser notification scam works and the steps to remove it from Chrome, Edge, or Firefox.
Chinese threat actors have expanded Winos 4.0 (ValleyRAT) attacks to Japan and Malaysia, using a new remote access trojan called HoldingHands RAT in their campaigns.
A new report from Sonatype reveals a 742% average annual increase in software supply chain attacks. One in eight open-source downloads contains a known vulnerability.
Discover how a devastating AI model poisoning attack crippled a global logistics network’s predictive systems, leading to chaos. Uncover the new risks of AI.
Apple has updated its bug bounty program, introducing a new payout multiplier that could see security researchers earn over $5 million for critical vulnerabilities.
BT Group has developed an AI-powered ‘network immune system’ to autonomously detect and block cyberattacks in real time, quarantining threats automatically.
Microsoft has released a security update to lock down Internet Explorer (IE) mode in Edge after threat actors exploited a critical vulnerability to create backdoors.
Federal agencies like the NHTSA are investigating Tesla’s Autopilot for safety violations after numerous crashes. Learn the facts about these ongoing probes.
Learn to distinguish real antivirus notifications from fake browser pop-up warnings. This guide explains how to identify tech support scams and what actions to take.
Former rugby star Brian O’Driscoll was a guest speaker at a Dublin cybersecurity summit disrupted by protesters due to an IDF officer’s scheduled appearance.
You must be logged in to post a comment.