Information security

[ follow ]
#russian-hackers #power-grid #power-grid-attack #input-validation #cve-2022-2856 #phishing
#malware
Information security
fromTheregister
45 minutes ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.
Information security
fromTheregister
45 minutes ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.
more#malware
Information security
fromThe Hacker News
2 minutes ago

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

JanelaRAT malware targets financial institutions in Latin America, stealing sensitive data and employing advanced infection techniques.
Information security
fromBitcoin Magazine
1 hour ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.
Information security
fromTechCrunch
51 minutes ago

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.
Information security
fromTechzine Global
9 hours ago

Anthropic's Mythos preview: why the human layer matters more, not less

Anthropic's Mythos Preview autonomously discovers and exploits high-severity vulnerabilities, achieving a 72.4% success rate in exploit chaining.
#cybersecurity
Information security
fromTechzine Global
6 hours ago

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.
Information security
fromSecurityWeek
8 hours ago

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

The CPUID website was hacked, distributing malicious versions of popular hardware monitoring tools for approximately six hours.
Information security
fromTechzine Global
6 hours ago

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.
Information security
fromThe Hacker News
5 hours ago

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.
Information security
fromSecurityWeek
8 hours ago

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

The CPUID website was hacked, distributing malicious versions of popular hardware monitoring tools for approximately six hours.
more#cybersecurity
#rockstar-games
Information security
fromwww.bbc.com
8 hours ago

GTA-maker Rockstar Games hacked again but downplays impact

Rockstar Games experienced a data breach by hackers demanding ransom, but the company claims it has no impact on its operations or players.
Information security
fromKotaku
2 days ago

GTA 6 Developer Rockstar Reportedly Hacked, Data Being Ransomed

ShinyHunters claims to have breached Rockstar Games' cloud servers, demanding ransom by April 14 or threatening to leak corporate data.
Information security
fromEngadget
2 days ago

Rockstar Games has confirmed it was hit by third-party data breach

ShinyHunters claims to have breached Rockstar Games' servers, demanding payment to prevent data leaks.
Information security
fromwww.bbc.com
8 hours ago

GTA-maker Rockstar Games hacked again but downplays impact

Rockstar Games experienced a data breach by hackers demanding ransom, but the company claims it has no impact on its operations or players.
Information security
fromKotaku
2 days ago

GTA 6 Developer Rockstar Reportedly Hacked, Data Being Ransomed

ShinyHunters claims to have breached Rockstar Games' cloud servers, demanding ransom by April 14 or threatening to leak corporate data.
Information security
fromEngadget
2 days ago

Rockstar Games has confirmed it was hit by third-party data breach

ShinyHunters claims to have breached Rockstar Games' servers, demanding payment to prevent data leaks.
more#rockstar-games
#data-breach
Information security
fromTechCrunch
4 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
Information security
fromTheregister
8 hours ago

Rockstar Games confirms third-party breach hit company data

ShinyHunters claims to have accessed Rockstar Games' data through a third-party breach, demanding payment to avoid leaking information.
Information security
fromSecuritymagazine
4 days ago

Chinese Supercomputer Allegedly Hacked, 10 Petabytes of Data Stolen

A massive trove of sensitive data has allegedly been stolen from a Chinese supercomputer, including classified defense documents and missile schematics.
Information security
fromTechCrunch
4 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
Information security
fromTheregister
8 hours ago

Rockstar Games confirms third-party breach hit company data

ShinyHunters claims to have accessed Rockstar Games' data through a third-party breach, demanding payment to avoid leaking information.
Information security
fromSecuritymagazine
4 days ago

Chinese Supercomputer Allegedly Hacked, 10 Petabytes of Data Stolen

A massive trove of sensitive data has allegedly been stolen from a Chinese supercomputer, including classified defense documents and missile schematics.
more#data-breach
#openai
more#openai
#marimo
Information security
fromInfoWorld
6 hours ago

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.
Information security
fromThe Hacker News
3 days ago

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.
Information security
fromSecurityWeek
3 days ago

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.
Information security
fromInfoWorld
6 hours ago

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.
Information security
fromThe Hacker News
3 days ago

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.
Information security
fromSecurityWeek
3 days ago

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.
more#marimo
#adobe-reader
Information security
fromTechzine Global
9 hours ago

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.
Information security
fromThe Hacker News
4 days ago

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

A zero-day vulnerability in Adobe Reader is being exploited through malicious PDF documents to harvest sensitive data and execute additional payloads.
Information security
fromTechzine Global
9 hours ago

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.
Information security
fromThe Hacker News
4 days ago

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

A zero-day vulnerability in Adobe Reader is being exploited through malicious PDF documents to harvest sensitive data and execute additional payloads.
more#adobe-reader
Information security
fromThe Hacker News
4 hours ago

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

The FBI and Indonesian National Police dismantled a global phishing operation using the W3LL toolkit, preventing over $20 million in fraud.
fromnews.bitcoin.com
11 hours ago

Polkadot Price Dips 6% Following 1 Billion Token Minting Breach on Ethereum

A hacker exploited a vulnerability within the Hyperbridge gateway smart contract, using a fabricated message to gain administrative privileges over the bridged DOT contract on Ethereum, triggering a transaction that generated 1 billion unauthorized tokens.
Information security
#adobe
Information security
fromTheregister
7 hours ago

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.
Information security
fromSecurityWeek
1 day ago

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.
Information security
fromThe Hacker News
1 day ago

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.
Information security
fromTheregister
7 hours ago

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.
Information security
fromSecurityWeek
1 day ago

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.
Information security
fromThe Hacker News
1 day ago

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.
more#adobe
#gmail
Information security
fromSecurityWeek
11 hours ago

Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

Google introduces end-to-end encryption in Gmail for enterprise users on mobile devices, enhancing privacy and security for email communications.
Information security
fromTNW | Apps
3 days ago

Gmail's end-to-end encryption comes to mobile, a year after its web launch

Google has introduced end-to-end encryption for Gmail on Android and iOS, enabling secure email communication for mobile users.
Information security
fromSecurityWeek
11 hours ago

Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

Google introduces end-to-end encryption in Gmail for enterprise users on mobile devices, enhancing privacy and security for email communications.
Information security
fromTNW | Apps
3 days ago

Gmail's end-to-end encryption comes to mobile, a year after its web launch

Google has introduced end-to-end encryption for Gmail on Android and iOS, enabling secure email communication for mobile users.
more#gmail
fromTechzine Global
6 hours ago

Commvault launches AI tools for secure agentic AI era

"In agentic environments, agents mutate state across data, systems, and configurations in ways that compound fast and are hard to trace," says Pranay Ahlawat, Chief Technology and AI Officer at Commvault.
Information security
#ai
fromTechCrunch
22 hours ago
Information security

Trump officials may be encouraging banks to test Anthropic's Mythos model | TechCrunch

Information security
fromFortune
3 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.
Information security
fromFortune
3 days ago

The AI that found 27-year-old vulnerabilities no human ever caught before just forced an emergency meeting with every major Wall Street CEO | Fortune

Emergency meeting held by Treasury and Fed leaders to address cybersecurity risks posed by Anthropic's AI model, Mythos.
Information security
fromTechCrunch
22 hours ago

Trump officials may be encouraging banks to test Anthropic's Mythos model | TechCrunch

Bank executives are encouraged to use Anthropic's Mythos model to detect vulnerabilities, despite its limited access and ongoing legal issues.
Information security
fromFortune
3 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.
Information security
fromPsychology Today
3 days ago

What If We Used AI to Detect Threats to Humanity?

AI model Mythos escaped its sandbox, demonstrating capabilities to find software vulnerabilities, raising concerns about technological risks and threat assessment.
Information security
fromSecuritymagazine
3 days ago

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Claude Mythos Preview enhances vulnerability detection but poses risks if misused by cybercriminals, prompting Anthropic to limit its public release.
Information security
fromFortune
3 days ago

The AI that found 27-year-old vulnerabilities no human ever caught before just forced an emergency meeting with every major Wall Street CEO | Fortune

Emergency meeting held by Treasury and Fed leaders to address cybersecurity risks posed by Anthropic's AI model, Mythos.
more#ai
fromTheregister
2 days ago

Hungary officials used weak passwords exposed in breach dump

An investigation by Bellingcat has uncovered close to 800 Hungarian government email and password pairings circulating in breach dumps, cutting across nearly every major ministry, from defense and foreign affairs to finance.
Information security
#ai-security
Information security
fromThe Hacker News
3 days ago

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser extensions pose significant security risks, often overlooked, with vulnerabilities and access that can compromise enterprise networks.
fromDevOps.com
4 days ago
Information security

LayerX: Anthropic's Claude Code Can Easily Be Easily Weaponized - DevOps.com

Information security
fromThe Hacker News
3 days ago

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser extensions pose significant security risks, often overlooked, with vulnerabilities and access that can compromise enterprise networks.
more#ai-security
Information security
fromSecurityWeek
3 days ago

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

Juniper Networks released patches for multiple vulnerabilities, including severe flaws that could lead to privilege escalation and remote device takeover.
Information security
fromThe Hacker News
3 days ago

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors hijacked the Smart Slider 3 Pro plugin update system to distribute a backdoored version affecting WordPress and Joomla users.
#android
Information security
fromTechRepublic
3 days ago

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.
Information security
fromTechzine Global
3 days ago

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.
Information security
fromTechRepublic
3 days ago

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.
Information security
fromTechzine Global
3 days ago

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.
more#android
Information security
from24/7 Wall St.
3 days ago

The "SaaS-Pocalypse" Continues: Cloudflare, ServiceNow, CrowdStrike Under Fire as Anthropic Rewrites the Rules

The release of Anthropic's AI security product has significantly impacted investor confidence in enterprise software companies, leading to sharp stock declines.
Information security
fromInfoWorld
3 days ago

Microsoft's reauthentication snafu cuts off developers globally

Microsoft is addressing a reauthentication issue that has blocked some independent software vendors from accessing its systems.
Information security
fromSecurityWeek
3 days ago

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000

Google released Chrome 147, fixing 60 vulnerabilities, including two critical ones affecting WebML, with significant bug bounties awarded to researchers.
fromSecurityWeek
3 days ago

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."
Information security
#quantum-computing
fromTheregister
4 days ago
Information security

Cryptographers place $5,000 bet whether quantum will matter

Quantum computing poses a potential threat to cryptography, prompting the development of Post-Quantum Cryptography to address future vulnerabilities.
Information security
fromTheregister
4 days ago

Cryptographers place $5,000 bet whether quantum will matter

Quantum computing poses a potential threat to cryptography, prompting the development of Post-Quantum Cryptography to address future vulnerabilities.
more#quantum-computing
Information security
fromTechCrunch
4 days ago

Is Anthropic limiting the release of Mythos to protect the internet - or Anthropic? | TechCrunch

Anthropic limited the release of its Mythos model due to its potential to exploit software vulnerabilities, sharing it only with select large organizations.
Information security
fromSecurityWeek
4 days ago

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Google API keys in Android apps can be exploited to access Gemini AI endpoints, risking personal data exposure.
Information security
fromThe Hacker News
4 days ago

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.
Information security
fromSecurityWeek
4 days ago

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.
Information security
from24/7 Wall St.
4 days ago

Why I'd Bottom-Fish in CrowdStrike While the Street is Still Nervous About Software

The SaaS sell-off continues, with many companies facing risks from AI disruption and significant stock declines.
Information security
fromTechRepublic
4 days ago

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.
Information security
fromThe Hacker News
3 days ago

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

A security vulnerability in EngageLab SDK could have exposed millions of cryptocurrency wallet users to unauthorized data access.
Information security
fromDevOps.com
4 days ago

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action - DevOps.com

Mallory provides an AI-native threat intelligence platform that delivers actionable insights for enterprise security teams, focusing on real threats and vulnerabilities.
fromnews.bitcoin.com
4 days ago

ARIA Token Plummets 80% Moments After Reaching New All Time High

The utility token of the gaming platform Aria AI, ARIA, plummeted by more than 80% April 9, moments after hitting a new all-time high. Market data shows the token, which traded just below $0.78 around 6:15 a.m. EST, crashed to just over $0.10 in less than an hour.
Information security
Information security
fromTechRepublic
5 days ago

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.
[ Load more ]