Critical Security Flaws Grow with AI Use, New Report Shows
Rising hardware, API, and network flaws expose organizations to new risks in an AI-driven landscape
Information Security Magazine
Attacker Breakout Time Falls to 18 Minutes
1 week 2 days ago
ReliaQuest report claims time from initial access to lateral movement has shrunk to just 18 minutes
Car Giant Stellantis Confims Third-Party Breach
1 week 2 days ago
Stellantis confirmed that customers’ personal information was potentially exposed
Jaguar Land Rover Extends Production Pause Again
1 week 2 days ago
UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1
Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge
1 week 3 days ago
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider
Major Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test
1 week 3 days ago
MITRE said it understands why Microsoft, SentinelOne and Palo Alto pulled out of its 2025 of ATT&CK Evaluations test – and promises to do better next year
FBI Says Threat Actors Are Spoofing its IC3 Site
1 week 3 days ago
The FBI has warned that adversaries have published fake versions of its cybercrime reporting portal IC3
Airport Chaos Enters Third Day After Supply Chain Attack
1 week 3 days ago
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace
Russian State Hackers Collaborate in Attacks Against Ukraine
1 week 6 days ago
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations
Zero-Click Vulnerability in ChatGPT's Agent Enables Silent Gmail Data Theft
1 week 6 days ago
Researchers at Radware found a zero-click flaw in ChatGPT Deep Research agent when connected to Gmail and browsing
Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks
1 week 6 days ago
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed
Pair of Suspected Scattered Spider Hackers Charged by UK, US Authorities
2 weeks ago
One of the teenage suspects is accused of involvement in at least 120 attacks, resulting in $115m in ransom payments
New York Blood Center Alerts 194,000 People to Data Breach
2 weeks ago
A breach at the New York Blood Center resulted in theft of data for 194,000 people, including SSNs, IDs, bank and health information
1 in 3 Android Apps Leak Sensitive Data
2 weeks ago
One third of Android and over half iOS apps shown to be leaking insecure APIs and hardcoded secrets
SonicWall Discloses Compromise of Cloud Backup Service
2 weeks ago
SonicWall said that threat actors accessed firewall preference files stored in the cloud for around 5% of its firewall install base
VC Firm Insight Partners Notifies Victims After Ransomware Breach
2 weeks ago
Insight Partners has released more details of a 2024 ransomware breach impacting thousands of individuals
NCA Singles Out “The Com” as it Chairs Five Eyes Group
2 weeks ago
The UK’s National Crime Agency is the new chair of the Five Eyes Law Enforcement Group
FileFix Campaign Using Steganography and Multistage Payloads
2 weeks 1 day ago
FileFix campaign hides PowerShell script and encrypted EXEs in JPGs via multilingual phishing
Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution
2 weeks 1 day ago
A trio of critical vulnerabilities in the Chaos-Mesh platform allow in-cluster attackers to run arbitrary code, even in default configuration
TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges
2 weeks 1 day ago
An employee of outsourcing firm TaskUs allegedly sold data stolen during the Coinbase data breach to hackers for $200 per record before her arrest in January 2025
Checked
9 hours 20 minutes ago