Topic: cybersecurity threats
-
Hospitals Overwhelmed by Unmanageable Threats
The healthcare sector faces a severe cybersecurity crisis, with 93% of U.S. organizations experiencing attacks in the past year, frequently disrupting patient care and exposing vast amounts of sensitive data. Key vulnerabilities include exposed staff data on people search sites, attacks on medica...
Read More » -
2025's Biggest Tech Failures: AI, Cloud, and Supply Chain
Supply-chain attacks became the dominant cybersecurity threat in 2025, exploiting trust in a single provider to cause widespread, cascading failures across interconnected digital infrastructure. These attacks are highly efficient for cybercriminals, as compromising a central source like a cloud s...
Read More » -
IT Leaders' Top 2026 Fears: AI and Cyber Risk
Cybersecurity threats are the top disruptor shaping IT strategy for 2026, with AI advancement and regulation as a close second major concern. AI-generated attacks are viewed as the most significant threat to data integrity, leading to strategic investments in cybersecurity and data resilience. Mo...
Read More » -
AI Toys for Kids: Unexpected Conversations on Sensitive Topics
AI-enabled children's toys lack basic safeguards, engaging in inappropriate conversations about explicit topics and propaganda, raising urgent safety and privacy concerns. A U.S. border proposal could require travelers from visa-waiver countries to submit years of social media history and persona...
Read More » -
Chinese Hacking Contractor Exposed in Major Data Leak
A major data breach at Chinese cybersecurity firm KnownSec exposed hacking tools and sensitive data stolen from over 80 global organizations, including terabytes of records from India, South Korea, and Taiwan, directly linking its activities to Chinese state interests. In a separate incident, sta...
Read More » -
Rethink Network Visibility for Australia's Critical Infrastructure
Government agencies in Australia and the Asia Pacific face escalating cybersecurity threats due to the deep integration of digital and physical infrastructure, making public services like transportation and healthcare prime targets for sophisticated attacks. The convergence of IT and OT systems, ...
Read More » -
Barracuda Research: Your Hub for Global Threat Intelligence
Barracuda Networks has launched Barracuda Research, a centralized hub providing threat intelligence and cybersecurity analysis to help organizations identify risks and implement protective measures. A study reveals that 31% of businesses with up to 2,000 employees struggle to handle cyberthreat i...
Read More » -
NCSC: Senior Execs Unprepared for Cyber-Attacks
UK government and security officials are urging business leaders to take immediate ownership of cybersecurity, emphasizing it is a top-level responsibility and not just a middle-management issue. Senior executives, including CEOs and board members, are ultimately accountable for leading crisis ma...
Read More » -
Master Your Data: Start with Visibility and Control
Organizations face increasing pressure to secure data as AI expands data volumes and strategic value, driving significant IT investments in cybersecurity and cloud infrastructure amid stricter regulations like Australia's updated Privacy Act. Fragmented data environments create security gaps thro...
Read More » -
EU Cyberattacks Increasingly Target Critical Infrastructure
The ENISA Threat Landscape 2025 report reveals a significant increase in cyberattacks targeting operational technology systems, which now account for 18.2% of all documented threats, driven by their growing interconnectedness and deliberate targeting by malicious actors. Pro-Russian hacker groups...
Read More » -
Bolster Defenses Against Scattered Spider Attacks, Experts Warn
The Scattered Spider hacking group poses a severe threat to businesses by using sophisticated methods like social engineering and ransomware, requiring immediate improvements in identity management, security processes, and third-party risk management. Their attack strategy often starts with vishi...
Read More » -
Czech Agency Warns of Chinese Tech Risks in Critical Infrastructure
The Czech Republic's cybersecurity agency warns critical infrastructure operators to avoid Chinese technology and data transfers due to high risks of disruption and national security threats. Chinese laws allow government access to data from private cloud providers, and malicious cyber activities...
Read More » -
Cisco Zero-Day Exploited, Kali Linux 2025.4 Released
A critical zero-day vulnerability in Cisco's email security appliances is being actively exploited by a suspected Chinese-nexus group to compromise devices and erase logs, highlighting urgent patch management needs. Major vendors like Fortinet, SonicWall, and Apple are addressing serious, activel...
Read More » -
Guardio Raises $80M in Funding From ION Crossover Partners
AI-powered coding tools are creating new security vulnerabilities by enabling rapid development of fraudulent websites, with Guardio developing specialized technology to detect malicious AI-generated code. Guardio has secured $80 million in new funding to accelerate expansion and now serves 500,0...
Read More » -
The Looming Threat of Malicious AI Agents
Businesses are rapidly adopting AI agents but lack proper security measures, particularly in identity management, creating risks as these non-human workers operate without adequate tracking of their credentials and actions. The core security challenge is that AI agents require access to sensitive...
Read More » -
AI Browsers: The Looming Cybersecurity Threat
The rapid integration of AI into web browsers introduces serious cybersecurity vulnerabilities, including data breaches and privacy invasions, as these tools collect and retain more personal data than traditional browsers. Security researchers have identified flaws in early AI browsers, such as p...
Read More » -
Gambling Network Secretly Doubles as Cybercrime Infrastructure
A long-running cybercrime network, active since around 2011, disguises itself as an illegal online gambling service while operating a massive malware and command-and-control infrastructure primarily targeting Indonesian citizens. The operation uses an extensive network of over 328,000 domains, hi...
Read More » -
AI Social Engineering: Top Cyber Threat by 2026, ISACA Finds
AI-driven social engineering is identified as the top cybersecurity threat for 2026, using AI to create convincing deceptive communications that are hard to detect, surpassing ransomware and supply chain attacks. Organizations feel underprepared for AI risks, with only 13% very prepared, and many...
Read More » -
ICE Deploys Advanced Spyware for Surveillance
China demonstrated its advanced military technology in a recent parade, highlighting its global technological ambitions. The U.S. is undergoing significant policy shifts, including rebranding the Defense Department and awarding a no-bid contract for combat training, amid debates on election integ...
Read More » -
Boost SOC Performance: Train Smarter & Respond Faster
Cybersecurity teams often lack hands-on expertise to investigate complex breaches, forcing reliance on external experts and delaying response times. TryHackMe offers gamified, interactive training with real-world scenarios, bridging the skills gap for roles like SOC analysts and threat hunters th...
Read More » -
FortiGate Firewalls Under Attack: Critical Auth Bypass Exploited
Attackers are actively exploiting a critical Fortinet firewall vulnerability (CVE-2025-59718) to bypass authentication and steal sensitive network configuration files containing encrypted credentials. The flaw, along with a related one (CVE-2025-59719), stems from improper cryptographic signature...
Read More » -
Exploit Code Released for Critical BIND 9 DNS Vulnerability
A critical security flaw (CVE-2025-40778) in BIND 9 DNS resolvers allows remote cache poisoning, enabling attackers to redirect users to malicious sites or spread malware without authentication. The vulnerability affects recursive DNS servers and authoritative servers with recursion enabled, with...
Read More » -
Code Formatting Sites Leak User Secrets and Credentials
Popular online code formatting platforms like JSONFormatter and CodeBeautify are leaking sensitive user data, including passwords and API keys, through publicly accessible links due to predictable URL patterns. Security researchers found over 80,000 exposed entries containing critical information...
Read More » -
US Border Patrol Surveils Millions of American Drivers
The US Border Patrol operates a predictive-intelligence program using hidden license-plate readers to monitor American drivers far from borders, flagging "suspicious" travel patterns and leading to stops and searches, raising Fourth Amendment concerns. Microsoft mitigated the largest recorded DDo...
Read More » -
Protect Your Business from Deepfakes: 4 Essential Steps Now
Deepfakes, created using AI, are a growing threat to businesses, enabling cybercriminals to produce convincing fake audio and video for fraud and misinformation. The risks include severe reputational and financial damage, such as stock value drops from fake announcements, and identity theft throu...
Read More » -
Secure Your Enterprise Data with Hypori Workspace
Hypori has expanded its Secure Workspace Ecosystem with new products, including Hypori Mobile and Hypori Lyte, to offer flexible, scalable, and secure mobile access while addressing modern cybersecurity challenges. Hypori Mobile provides a re-engineered virtual workspace with enhanced performance...
Read More » -
Chat Control: Is Your Privacy at Risk?
The EU's proposed Chat Control legislation aims to combat child sexual abuse by requiring digital platforms to scan for illegal content, but cybersecurity experts warn it could critically undermine digital security and personal privacy. The regulation is incompatible with end-to-end encryption, e...
Read More » -
Can Your Phishing Detection Stop 2025's Security Threats?
Social engineering attacks like Clickfix surged 500% in early 2025, with cybercriminals increasingly using AI to create sophisticated Business Email Compromise scams that exploit human psychology rather than technical vulnerabilities. Clickfix bypasses traditional defenses by tricking users into ...
Read More » -
ClickFix Phishing Kit Exposed by Cybersecurity Experts
Palo Alto Networks has identified the IUAM ClickFix Generator, a phishing toolkit that enables even novice cybercriminals to create convincing fake browser verification pages to deploy malware. The toolkit allows customization of phishing pages, detects the user's device and OS to tailor maliciou...
Read More » -
400 Million Windows PCs Face Critical Security Threat
Microsoft is ending security updates for Windows 10, leaving 400 million PCs vulnerable to cyber threats due to hardware incompatibility with Windows 11. The scale of affected devices is unprecedented, with 41% of global PCs running Windows 10, far exceeding previous Windows phase-outs and creati...
Read More » -
Microsoft, Adobe, SAP Issue Critical September 2025 Patch Tuesday Updates
The September 2025 Patch Tuesday included critical security updates from Microsoft, Adobe, and SAP, addressing numerous vulnerabilities not currently under active exploitation. Microsoft patched over 80 flaws, including a privilege escalation issue in Windows NTLM and a high-risk remote code exec...
Read More » -
Nearly Half of Workers Share Confidential Data with AI
A significant gap exists between the rapid daily adoption of generative AI by over 65% of individuals and the lack of workplace training, with 58% receiving no instruction on data security and privacy risks. The study highlights that 43% of workers have shared sensitive company information with A...
Read More » -
The All-Access AI Agent Era Has Arrived
The rise of all-access AI agents requires deep integration into operating systems and personal files, raising significant cybersecurity and privacy concerns due to centralized, sensitive data. These autonomous agents function by accessing broad data sources like emails and calendars to perform ta...
Read More » -
FCC to Roll Back ISP Cybersecurity Mandate
The FCC is reversing a cybersecurity mandate for internet providers after industry lobbying, with Chairman Brendan Carr arguing it overstepped legal authority and that companies have already improved security voluntarily. The original 2025 ruling responded to state-sponsored cyberattacks like Chi...
Read More » -
Leaked Oracle EBS Exploit Fuels New Attack Wave (CVE-2025-61882)
A critical vulnerability chain in Oracle's E-Business Suite (CVE-2025-61882) is being actively exploited following the public leak of functional exploit scripts, enabling complete system compromise. The attack uses obfuscated HTTP requests to perform server-side request forgery, tricking the serv...
Read More » -
Bitdefender GravityZone EASM Lowers Cyber Threat Risks
Bitdefender launched GravityZone External Attack Surface Management (EASM) to help organizations gain visibility into internet-connected assets and vulnerabilities, addressing complex IT security challenges. The solution proactively scans and analyzes external digital assets without endpoint inst...
Read More » -
UK, US, Australia Sanction Russian Cyber Host Media Land
The United Kingdom, United States, and Australia have jointly sanctioned three bulletproof hosting providers and four Russian executives for enabling ransomware operators and cybercriminals by supplying critical infrastructure. These services are essential to the cybercrime underworld, allowing t...
Read More » -
SOTI ONE Enhances Secure Device Management for Australian Healthcare
SOTI has upgraded its SOTI ONE Platform with Stella, an AI assistant, to enhance operational efficiency, reduce device downtime, and accelerate patient response times in the Australian healthcare sector. Outdated infrastructure and legacy systems hinder digital progress, with 99% of Australian IT...
Read More » -
Master NIS2 Compliance: Secure Passwords & MFA
The NIS2 Directive is a critical EU regulation requiring medium and large organizations in key sectors to implement stringent security controls, with a major focus on robust identity and access management to combat credential-based attacks. Compliance is mandatory for qualifying organizations, an...
Read More » -
TRA Bahrain, Mobile Operators Launch Anti-SMS Fraud Guidelines
Bahrain's TRA and mobile operators have launched new "Guidelines for Reducing Fraudulent SMS" to combat scam messages and enhance mobile security nationwide. The guidelines establish technical and operational measures for identifying and intercepting fraudulent communications, alongside public ed...
Read More » -
Kindle Ebook Hack Leads to Amazon Account Hijacking
A security researcher demonstrated that a malicious ebook file could exploit a Kindle's software to grant an attacker complete control over the user's linked Amazon account, including stored payment details. The research, presented at Black Hat Europe, highlights how the Kindle's persistent conne...
Read More » -
HashJack Attack Hijacks AI Browsers and Assistants
Security researchers have discovered a method called HashJack that embeds malicious commands in URL fragments to manipulate AI browsing tools into executing harmful actions like inserting dangerous links or sharing user data. The attack's success varies by platform, affecting Perplexity Comet, Mi...
Read More » -
Microsoft's New AI Security Agents Outsmart Hackers
Microsoft has launched advanced AI security agents that proactively identify and neutralize cyber threats, available at no extra cost for Security Copilot users on Microsoft 365 E5 plans. These AI agents are integrated into platforms like Defender, Entra, and Intune to shift security from reactiv...
Read More » -
Secure Your Upgrade: Windows 11 Migration Best Practices
Organizations face a critical transition from Windows 10 to Windows 11 due to Microsoft ending support in 2025, with market trends showing user hesitation and a surprising resurgence of older systems like Windows 7. Alternatives to Windows 11, such as Linux or Chromebooks, pose significant securi...
Read More » -
Sam Altman: Personalized AI's Privacy Risks
OpenAI CEO Sam Altman identifies AI security as the critical challenge in AI development, urging students to focus on this field due to evolving safety concerns into security issues. He highlights vulnerabilities in personalized AI systems, where malicious actors could exploit connections to exte...
Read More » -
Cloudflare Names Pat Breen VP for Australia & New Zealand
Cloudflare has appointed Pat Breen as Area Vice President for Australia and New Zealand, leveraging his 25+ years of tech leadership experience to drive regional growth and strengthen market presence. Breen highlighted the need for businesses in ANZ to innovate while securing their assets, with C...
Read More » -
CyberFOX DNS Filtering Blocks Threats Before They Enter Your Network
CyberFOX DNS Filtering is a proactive security solution that uses AI to block threats like malware and phishing before they reach the network, offering easy deployment and management for IT teams. It enhances organizational security and productivity by filtering harmful or inappropriate web conte...
Read More » -
Hackers Extort 39 Victims With New Data Leak Site
A new cybercriminal group, Scattered Lapsus$ Hunters, is extorting nearly 40 major corporations by threatening to leak stolen data from Salesforce databases obtained through social engineering. The stolen data includes personal and contact details, sensitive information like Social Security numbe...
Read More » -
DeepMind Warns of AI Misalignment Risks in New Safety Report
Google DeepMind has released version 3.0 of its Frontier Safety Framework to evaluate and mitigate safety risks from generative AI, including scenarios where AI might resist being shut down. The framework uses "critical capability levels" (CCLs) to assess risks in areas like cybersecurity and bio...
Read More » -
DHS Data Hub Leaked Sensitive Intel to Thousands
A misconfigured DHS online platform exposed 439 classified intelligence products to thousands of unauthorized users, including government staff, contractors, and foreign nationals, over two months in early 2023. The leaked data included sensitive reports on cybersecurity threats, foreign hacking,...
Read More »