Topic: cybersecurity threats
-
Chinese Hacking Contractor Exposed in Major Data Leak
A major data breach at Chinese cybersecurity firm KnownSec exposed hacking tools and sensitive data stolen from over 80 global organizations, including terabytes of records from India, South Korea, and Taiwan, directly linking its activities to Chinese state interests. In a separate incident, sta...
Read More » -
Rethink Network Visibility for Australia's Critical Infrastructure
Government agencies in Australia and the Asia Pacific face escalating cybersecurity threats due to the deep integration of digital and physical infrastructure, making public services like transportation and healthcare prime targets for sophisticated attacks. The convergence of IT and OT systems, ...
Read More » -
Barracuda Research: Your Hub for Global Threat Intelligence
Barracuda Networks has launched Barracuda Research, a centralized hub providing threat intelligence and cybersecurity analysis to help organizations identify risks and implement protective measures. A study reveals that 31% of businesses with up to 2,000 employees struggle to handle cyberthreat i...
Read More » -
NCSC: Senior Execs Unprepared for Cyber-Attacks
UK government and security officials are urging business leaders to take immediate ownership of cybersecurity, emphasizing it is a top-level responsibility and not just a middle-management issue. Senior executives, including CEOs and board members, are ultimately accountable for leading crisis ma...
Read More » -
Master Your Data: Start with Visibility and Control
Organizations face increasing pressure to secure data as AI expands data volumes and strategic value, driving significant IT investments in cybersecurity and cloud infrastructure amid stricter regulations like Australia's updated Privacy Act. Fragmented data environments create security gaps thro...
Read More » -
EU Cyberattacks Increasingly Target Critical Infrastructure
The ENISA Threat Landscape 2025 report reveals a significant increase in cyberattacks targeting operational technology systems, which now account for 18.2% of all documented threats, driven by their growing interconnectedness and deliberate targeting by malicious actors. Pro-Russian hacker groups...
Read More » -
Bolster Defenses Against Scattered Spider Attacks, Experts Warn
The Scattered Spider hacking group poses a severe threat to businesses by using sophisticated methods like social engineering and ransomware, requiring immediate improvements in identity management, security processes, and third-party risk management. Their attack strategy often starts with vishi...
Read More » -
Czech Agency Warns of Chinese Tech Risks in Critical Infrastructure
The Czech Republic's cybersecurity agency warns critical infrastructure operators to avoid Chinese technology and data transfers due to high risks of disruption and national security threats. Chinese laws allow government access to data from private cloud providers, and malicious cyber activities...
Read More » -
Guardio Raises $80M in Funding From ION Crossover Partners
AI-powered coding tools are creating new security vulnerabilities by enabling rapid development of fraudulent websites, with Guardio developing specialized technology to detect malicious AI-generated code. Guardio has secured $80 million in new funding to accelerate expansion and now serves 500,0...
Read More » -
The Looming Threat of Malicious AI Agents
Businesses are rapidly adopting AI agents but lack proper security measures, particularly in identity management, creating risks as these non-human workers operate without adequate tracking of their credentials and actions. The core security challenge is that AI agents require access to sensitive...
Read More » -
AI Browsers: The Looming Cybersecurity Threat
The rapid integration of AI into web browsers introduces serious cybersecurity vulnerabilities, including data breaches and privacy invasions, as these tools collect and retain more personal data than traditional browsers. Security researchers have identified flaws in early AI browsers, such as p...
Read More » -
Gambling Network Secretly Doubles as Cybercrime Infrastructure
A long-running cybercrime network, active since around 2011, disguises itself as an illegal online gambling service while operating a massive malware and command-and-control infrastructure primarily targeting Indonesian citizens. The operation uses an extensive network of over 328,000 domains, hi...
Read More » -
AI Social Engineering: Top Cyber Threat by 2026, ISACA Finds
AI-driven social engineering is identified as the top cybersecurity threat for 2026, using AI to create convincing deceptive communications that are hard to detect, surpassing ransomware and supply chain attacks. Organizations feel underprepared for AI risks, with only 13% very prepared, and many...
Read More » -
ICE Deploys Advanced Spyware for Surveillance
China demonstrated its advanced military technology in a recent parade, highlighting its global technological ambitions. The U.S. is undergoing significant policy shifts, including rebranding the Defense Department and awarding a no-bid contract for combat training, amid debates on election integ...
Read More » -
Boost SOC Performance: Train Smarter & Respond Faster
Cybersecurity teams often lack hands-on expertise to investigate complex breaches, forcing reliance on external experts and delaying response times. TryHackMe offers gamified, interactive training with real-world scenarios, bridging the skills gap for roles like SOC analysts and threat hunters th...
Read More » -
Exploit Code Released for Critical BIND 9 DNS Vulnerability
A critical security flaw (CVE-2025-40778) in BIND 9 DNS resolvers allows remote cache poisoning, enabling attackers to redirect users to malicious sites or spread malware without authentication. The vulnerability affects recursive DNS servers and authoritative servers with recursion enabled, with...
Read More » -
Code Formatting Sites Leak User Secrets and Credentials
Popular online code formatting platforms like JSONFormatter and CodeBeautify are leaking sensitive user data, including passwords and API keys, through publicly accessible links due to predictable URL patterns. Security researchers found over 80,000 exposed entries containing critical information...
Read More » -
US Border Patrol Surveils Millions of American Drivers
The US Border Patrol operates a predictive-intelligence program using hidden license-plate readers to monitor American drivers far from borders, flagging "suspicious" travel patterns and leading to stops and searches, raising Fourth Amendment concerns. Microsoft mitigated the largest recorded DDo...
Read More » -
Protect Your Business from Deepfakes: 4 Essential Steps Now
Deepfakes, created using AI, are a growing threat to businesses, enabling cybercriminals to produce convincing fake audio and video for fraud and misinformation. The risks include severe reputational and financial damage, such as stock value drops from fake announcements, and identity theft throu...
Read More » -
Secure Your Enterprise Data with Hypori Workspace
Hypori has expanded its Secure Workspace Ecosystem with new products, including Hypori Mobile and Hypori Lyte, to offer flexible, scalable, and secure mobile access while addressing modern cybersecurity challenges. Hypori Mobile provides a re-engineered virtual workspace with enhanced performance...
Read More » -
Chat Control: Is Your Privacy at Risk?
The EU's proposed Chat Control legislation aims to combat child sexual abuse by requiring digital platforms to scan for illegal content, but cybersecurity experts warn it could critically undermine digital security and personal privacy. The regulation is incompatible with end-to-end encryption, e...
Read More » -
Can Your Phishing Detection Stop 2025's Security Threats?
Social engineering attacks like Clickfix surged 500% in early 2025, with cybercriminals increasingly using AI to create sophisticated Business Email Compromise scams that exploit human psychology rather than technical vulnerabilities. Clickfix bypasses traditional defenses by tricking users into ...
Read More » -
ClickFix Phishing Kit Exposed by Cybersecurity Experts
Palo Alto Networks has identified the IUAM ClickFix Generator, a phishing toolkit that enables even novice cybercriminals to create convincing fake browser verification pages to deploy malware. The toolkit allows customization of phishing pages, detects the user's device and OS to tailor maliciou...
Read More » -
400 Million Windows PCs Face Critical Security Threat
Microsoft is ending security updates for Windows 10, leaving 400 million PCs vulnerable to cyber threats due to hardware incompatibility with Windows 11. The scale of affected devices is unprecedented, with 41% of global PCs running Windows 10, far exceeding previous Windows phase-outs and creati...
Read More » -
Microsoft, Adobe, SAP Issue Critical September 2025 Patch Tuesday Updates
The September 2025 Patch Tuesday included critical security updates from Microsoft, Adobe, and SAP, addressing numerous vulnerabilities not currently under active exploitation. Microsoft patched over 80 flaws, including a privilege escalation issue in Windows NTLM and a high-risk remote code exec...
Read More » -
Nearly Half of Workers Share Confidential Data with AI
A significant gap exists between the rapid daily adoption of generative AI by over 65% of individuals and the lack of workplace training, with 58% receiving no instruction on data security and privacy risks. The study highlights that 43% of workers have shared sensitive company information with A...
Read More » -
FCC to Roll Back ISP Cybersecurity Mandate
The FCC is reversing a cybersecurity mandate for internet providers after industry lobbying, with Chairman Brendan Carr arguing it overstepped legal authority and that companies have already improved security voluntarily. The original 2025 ruling responded to state-sponsored cyberattacks like Chi...
Read More » -
Leaked Oracle EBS Exploit Fuels New Attack Wave (CVE-2025-61882)
A critical vulnerability chain in Oracle's E-Business Suite (CVE-2025-61882) is being actively exploited following the public leak of functional exploit scripts, enabling complete system compromise. The attack uses obfuscated HTTP requests to perform server-side request forgery, tricking the serv...
Read More » -
Bitdefender GravityZone EASM Lowers Cyber Threat Risks
Bitdefender launched GravityZone External Attack Surface Management (EASM) to help organizations gain visibility into internet-connected assets and vulnerabilities, addressing complex IT security challenges. The solution proactively scans and analyzes external digital assets without endpoint inst...
Read More » -
UK, US, Australia Sanction Russian Cyber Host Media Land
The United Kingdom, United States, and Australia have jointly sanctioned three bulletproof hosting providers and four Russian executives for enabling ransomware operators and cybercriminals by supplying critical infrastructure. These services are essential to the cybercrime underworld, allowing t...
Read More » -
SOTI ONE Enhances Secure Device Management for Australian Healthcare
SOTI has upgraded its SOTI ONE Platform with Stella, an AI assistant, to enhance operational efficiency, reduce device downtime, and accelerate patient response times in the Australian healthcare sector. Outdated infrastructure and legacy systems hinder digital progress, with 99% of Australian IT...
Read More » -
TRA Bahrain, Mobile Operators Launch Anti-SMS Fraud Guidelines
Bahrain's TRA and mobile operators have launched new "Guidelines for Reducing Fraudulent SMS" to combat scam messages and enhance mobile security nationwide. The guidelines establish technical and operational measures for identifying and intercepting fraudulent communications, alongside public ed...
Read More » -
HashJack Attack Hijacks AI Browsers and Assistants
Security researchers have discovered a method called HashJack that embeds malicious commands in URL fragments to manipulate AI browsing tools into executing harmful actions like inserting dangerous links or sharing user data. The attack's success varies by platform, affecting Perplexity Comet, Mi...
Read More » -
Microsoft's New AI Security Agents Outsmart Hackers
Microsoft has launched advanced AI security agents that proactively identify and neutralize cyber threats, available at no extra cost for Security Copilot users on Microsoft 365 E5 plans. These AI agents are integrated into platforms like Defender, Entra, and Intune to shift security from reactiv...
Read More » -
Secure Your Upgrade: Windows 11 Migration Best Practices
Organizations face a critical transition from Windows 10 to Windows 11 due to Microsoft ending support in 2025, with market trends showing user hesitation and a surprising resurgence of older systems like Windows 7. Alternatives to Windows 11, such as Linux or Chromebooks, pose significant securi...
Read More » -
Sam Altman: Personalized AI's Privacy Risks
OpenAI CEO Sam Altman identifies AI security as the critical challenge in AI development, urging students to focus on this field due to evolving safety concerns into security issues. He highlights vulnerabilities in personalized AI systems, where malicious actors could exploit connections to exte...
Read More » -
Cloudflare Names Pat Breen VP for Australia & New Zealand
Cloudflare has appointed Pat Breen as Area Vice President for Australia and New Zealand, leveraging his 25+ years of tech leadership experience to drive regional growth and strengthen market presence. Breen highlighted the need for businesses in ANZ to innovate while securing their assets, with C...
Read More » -
CyberFOX DNS Filtering Blocks Threats Before They Enter Your Network
CyberFOX DNS Filtering is a proactive security solution that uses AI to block threats like malware and phishing before they reach the network, offering easy deployment and management for IT teams. It enhances organizational security and productivity by filtering harmful or inappropriate web conte...
Read More » -
Hackers Extort 39 Victims With New Data Leak Site
A new cybercriminal group, Scattered Lapsus$ Hunters, is extorting nearly 40 major corporations by threatening to leak stolen data from Salesforce databases obtained through social engineering. The stolen data includes personal and contact details, sensitive information like Social Security numbe...
Read More » -
DeepMind Warns of AI Misalignment Risks in New Safety Report
Google DeepMind has released version 3.0 of its Frontier Safety Framework to evaluate and mitigate safety risks from generative AI, including scenarios where AI might resist being shut down. The framework uses "critical capability levels" (CCLs) to assess risks in areas like cybersecurity and bio...
Read More » -
DHS Data Hub Leaked Sensitive Intel to Thousands
A misconfigured DHS online platform exposed 439 classified intelligence products to thousands of unauthorized users, including government staff, contractors, and foreign nationals, over two months in early 2023. The leaked data included sensitive reports on cybersecurity threats, foreign hacking,...
Read More » -
SafePay ransomware leaks 3.5TB of Ingram Micro data
The SafePay ransomware group stole 3.5TB of sensitive data from Ingram Micro, a major global IT distributor, marking another high-profile attack by the increasingly notorious cybercriminal operation. SafePay has targeted over 260 organizations in 2024, using tactics like data exfiltration and enc...
Read More » -
AI Agents' Future & Trump's Tech Protection Policies Abroad
AI agents are revolutionizing technology by performing complex tasks like scheduling and coding, with companies like OpenAI and Anthropic leading development, but their autonomy raises concerns about risks and societal readiness. Industry experts highlight AI agents' potential and limitations, di...
Read More » -
Historic 7.3Tbps DDoS Attack Shatters Records
The largest recorded DDoS attack reached 7.3 terabits per second, flooding a target with 37.4 terabytes of traffic in 45 seconds—equivalent to streaming 7,500+ hours of HD content. The attack used a "carpet bombing" technique, targeting 22,000 ports on a single IP address, showcasing its precisio...
Read More » -
Google Transforms Cloud Security with $32B Wiz Acquisition
Google's $32B acquisition of Wiz marks a significant milestone in enhancing its cloud security capabilities. Discover the strategic implications and future prospects of this groundbreaking move.
Read More » -
Microsoft Blocks Dangerous File Previews in Windows
The October 2025 Windows update disables the File Explorer Preview Pane for files marked from the internet or accessed from untrusted network shares to enhance security. This change prevents NTLM hash leakage, a vulnerability where previewing certain files could allow attackers to intercept and m...
Read More » -
Cybercriminals Upgrade ClickFix with E-commerce Tricks
Cybercriminals are enhancing the ClickFix malware delivery method by using persuasive design elements like tutorial videos and countdown timers to rush users into executing harmful commands, making pages appear legitimate. The fraudulent pages dynamically adapt to the victim's operating system an...
Read More » -
Active Attack Exploits Critical Adobe Commerce, Magento Flaw
Security researchers have identified active exploitation of a critical Adobe Commerce and Magento vulnerability (CVE-2025-54236, SessionReaper), which allows attackers to hijack customer accounts and potentially execute remote code, with over 250 attack attempts blocked in a single day. The vulne...
Read More » -
North Korean Hackers Stole $2 Billion in Crypto This Year
North Korean hackers have stolen over $2 billion in cryptocurrency in 2025, primarily through a major breach at Bybit and numerous other attributed attacks, with the actual total likely higher due to unreported incidents. The groups have shifted tactics to focus on social engineering, targeting h...
Read More » -
Nintendo Responds to Alleged Data Breach Claims
Nintendo has addressed concerns about a potential security breach, clarifying that the incident appears limited and reassuring users about their data security. The breach reportedly affected external servers for website content, with no evidence of customer data compromise or deeper system intrus...
Read More »