The campaign hit major registries and hid behind legitimate-looking release signatures, showing how attackers can weaponize the software update process itself.
The post ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack appeared first on CyberScoop.
Experts on the topic say the G7 guidance is good, but could still use some improvements.
The post Major world economies spell out key elements of AI ‘ingredients list’ appeared first on CyberScoop.
The high volume of vulnerabilities reflects a growing trend researchers have been anticipating as artificial intelligence models are deployed to find previously uncovered defects in code.
The post Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical appeared first on CyberScoop.
Intrusion Logging marks the first feature from a major device vendor to aid with forensic detection of sophisticated threats, Amnesty International said.
The post Google and Amnesty International teamed up to make it harder for spyware vendors to hide appeared first on CyberScoop.
Startups are scaling faster, attackers are getting smarter, and investors are getting more selective. The cybersecurity industry is in the middle of a reset.
The post AI is separating the companies built to scale from the ones built to sell appeared first on CyberScoop.
ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems.
The post Instructure claims hackers returned stolen Canvas data after an extortion standoff appeared first on CyberScoop.
Researchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financial gain.
The post Google spotted an AI-developed zero-day before attackers could use it appeared first on CyberScoop.
As AI and quantum threats target the backbone of the American economy, Washington must provide the guidance and incentives necessary for SMBs to access executive-level cyber expertise.
The post The missing cybersecurity leader in small business appeared first on CyberScoop.
The Senate’s top Democrat is worried about smaller government entities being left behind as AI models advance hacking risks.
The post Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments appeared first on CyberScoop.
The group that stole data from Instructure users claims that it will release the data of students from nearly 9,000 education institutions around the country.
The post ShinyHunters claims nearly 9,000 schools affected by Canvas data breach appeared first on CyberScoop.
Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes.
The post Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI appeared first on CyberScoop.
Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security product.
The post Ivanti customers confront yet another actively exploited zero-day appeared first on CyberScoop.
The latest development has thrown scholars for a curveball, and has some worried about being “left out to dry” when it comes to job positions.
The post Trump officials are steering a cybersecurity scholarship program toward AI appeared first on CyberScoop.
The men’s separate schemes impacted almost 70 U.S. companies and generated a combined $1.2 million in revenue for the North Korean regime.
The post American duo sentenced for hosting laptop farms for North Korean IT workers appeared first on CyberScoop.
Rep. Summer Lee’s letter, first reported by CyberScoop, follows ICE confirmation of using spyware and news of a Trump ally becoming NSO Group’s executive chairman.
The post One House Democrat is pressing Commerce on the government’s spyware use appeared first on CyberScoop.
Researchers say Schemata’s platform exposed names, emails, base assignments, and course materials before the company patched the issue and contacted government authorities.
The post A DOD contractor’s API flaw exposed military course data and service member records appeared first on CyberScoop.
The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.
The post A critical Palo Alto PAN-OS zero-day is being exploited in the wild appeared first on CyberScoop.
The agency will begin targeted assessments meant to help critical infrastructure entities operate while disconnecting OT networks from IT and third-party vendors.
The post CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict appeared first on CyberScoop.
Cybersecurity and Infrastructure Security Agency officials said it’s proven a boon in numerous areas, but there are some hurdles to adoption, still.
The post CISA boasts AI automation improvements to threat analysis, mission support appeared first on CyberScoop.
Deniss Zolotarjovs was mostly tasked with putting pressure on the Russia-based crew’s victims, in one case leaking hundreds of children’s health records.
The post Latvian national sentenced for ransomware attacks run by former Conti leaders appeared first on CyberScoop.
