Skip to main content
← All Tags

Cybersecurity

629 articles in this category (Page 12 of 27)

AI NewsCybersecurityThreat Intelligence

Fortinet Exploits, AI-Powered Attacks & Emerging Malware Dominate Recent Cybersecurity Landscape

This week’s recap highlights a critical Fortinet vulnerability and the rise of sophisticated attacks leveraging AI and evolving malware frameworks.

Read more
AI NewsCybersecurityFinTech

SAFEGUARD RECOVERY EXPERT: Crypto Asset Recovery Service

One investor recovered $278,000 in cryptocurrency lost to fraudulent brokers using a specialized recovery service.

Read more
AI NewsCybersecurityAI Applications

AI System Reduces Attack Reconstruction Time From Weeks to Hours

PNNL’s ALOHA system leverages AI to reduce attack reconstruction time from weeks to hours, accelerating threat emulation and defense.

Read more
AI NewsCybersecurityThreat Intelligence

China-Linked APT Exploits Sitecore Zero-Day in Critical Infrastructure Intrusions

Cisco Talos reports China-linked APT UAT-8837 leveraging a Sitecore zero-day (CVE-2025-53690, CVSS 9.0) against North American critical infrastructure.

Read more
AI NewsCybersecurityVulnerability

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco addressed CVE-2025-20393, a critical 10.0 CVSS zero-day RCE flaw in AsyncOS, exploited by the China-linked UAT-9686 APT group.

Read more
AI NewsCybersecurityBrowser Security

Malicious Chrome Extensions Target Workday & NetSuite for Account Takeover

Five rogue Chrome extensions impersonating legitimate platforms like Workday and NetSuite have been discovered, resulting in stolen cookies and compromised admin controls.

Read more
AI NewsCybersecurityMalware

GootLoader Malware Employs 500-1,000 Concatenated ZIP Archives for Evasion

GootLoader malware utilizes malformed ZIP archives containing 500–1,000 concatenated files to bypass detection by tools like WinRAR.

Read more
AI NewsCybersecurityThreat Intelligence

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

China-linked attackers deployed the LOTUSLITE backdoor against U.S. government targets via Venezuela-themed phishing, highlighting continued reliance on DLL side-loading.

Read more
AI NewsCybersecurityVulnerability Management

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

A critical command injection vulnerability (CVE-2025-64155) in FortiSIEM is being actively exploited, allowing unauthenticated attackers remote code execution.

Read more
AI NewsCybersecurityFraud

Microsoft Disrupts RedVDS Cybercrime Service Linked to $40 Million in Fraud

Microsoft successfully disrupted RedVDS, a crimeware subscription service enabling phishing and BEC fraud, resulting in approximately $40 million in U.S. losses and impacting 191,000 organizations.

Read more
AI NewsCybersecurityAI Risk

Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

AI security risks are shifting from models to workflows, highlighted by data theft from 900,000 users via malicious extensions and prompt injection attacks.

Read more
AI NewsCybersecurityNetwork Security

Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login

Palo Alto Networks patched CVE-2026-0227, a critical GlobalProtect vulnerability allowing unauthenticated DoS attacks that force firewalls into maintenance mode.

Read more
AI NewsCybersecuritySpyware

Predator Spyware Sample Indicates 'Vendor-Controlled' C2

Jamf research reveals Predator spyware reports deployment errors to its C2, suggesting Intellexa has greater control than previously acknowledged.

Read more
AI NewsCybersecurityPrompt Injection

Reprompt Attack Enables Single-Click Data Exfiltration From Microsoft Copilot

Researchers revealed a Reprompt attack allowing single-click data exfiltration from Microsoft Copilot, bypassing enterprise security controls.

Read more
AI NewsCybersecurityThreat Intelligence

AI-Powered Voice Cloning Bypass and Telecom Security Concerns Dominate This Week’s Threats

This week’s security bulletin highlights a new AI voice cloning evasion technique, a $26M crypto hack, and increased scrutiny of telecom security practices.

Read more
AI NewsCybersecurityVulnerability Management

Vulnerabilities Surge, But Messy Reporting Blurs Picture

A record 48,177 vulnerabilities were assigned CVE identifiers in 2025, driven by expanded reporting and a shift in CVE issuance leadership.

Read more
AI NewsCybersecurityEvent Security

Winter Olympics Could Share Podium With Cyberattackers

The 2026 Milano Cortina Winter Games face threats from hacktivists, ransomware gangs, and nation-state actors seeking to disrupt or exploit the event.

Read more
AI NewsCybersecurityIAM

AI Agents Are Becoming Authorization Bypass Paths

Enterprise AI agents, designed to boost automation, are increasingly creating security risks by bypassing traditional IAM controls and granting access beyond authorized user permissions.

Read more
AI NewsNode.jsCybersecurity

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw (CVE-2025-59466) caused by async_hooks stack crashes, impacting most production apps.

Read more
AI NewsCybersecurityMalware

DLL Side-Loading Exploited in Malware Campaign Delivering Trojans and RATs

A recent campaign leverages a c-ares DLL side-loading vulnerability in a signed GitKraken binary, resulting in the delivery of diverse malware like Agent Tesla and XWorm.

Read more
AI NewsCybersecurityThreat Intelligence

Microsoft Disrupts RedVDS Cybercrime Service, Seizing Key Infrastructure

Microsoft collaborated with law enforcement to disrupt RedVDS, a cybercrime-as-a-service operation responsible for stealing millions, seizing two key domains.

Read more
AI NewsCybersecurityWindows Security

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft’s January 2026 Patch Tuesday addresses 114 Windows vulnerabilities, including an actively exploited Desktop Window Manager flaw added to CISA’s KEV list.

Read more
AI NewsCybersecurityData Privacy

64% of Third-Party Web Applications Access Sensitive Data Unjustifiably

New research reveals 64% of third-party applications on websites access sensitive data without business need, increasing risk for government and education sectors.

Read more
AI NewsCybersecurityMalware

PLUGGYAPE Malware Leverages Signal and WhatsApp to Target Ukrainian Defense

CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, demonstrating a shift towards encrypted messaging app exploitation.

Read more