#cyber-physical-attacks
#cyber-physical-attacks

Science

Newly Deciphered Sabotage Malware May Have Targeted Iran's Nuclear Program-and Predates Stuxnet

Information security

Cybersecurity professional getting more work and less pay

Privacy professionals

Burglar alarm biz gets burgled, ShinyHunters pursues ransom

ADT confirmed a cyber intrusion by ShinyHunters, claiming over 10 million records were stolen, while ADT reported a limited data breach.

DevOps

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.

Careers

fromEntrepreneur

How to Know Where Your Security Threat Is Before It's Too Late

Organizations winning the security talent war operationalize key questions to prevent knowledge loss and enhance cybersecurity resilience.

Germany news

fromThe Local Germany

1 day ago

Germany blames Russia for Signal phishing attacks on MPs

Germany blames Russia for phishing attacks targeting lawmakers and officials via the Signal messaging app.

Science

fromWIRED

Newly Deciphered Sabotage Malware May Have Targeted Iran's Nuclear Program-and Predates Stuxnet

Fast16 is a sophisticated malware capable of subtly tampering with calculation and simulation software, likely created by the US or an ally.

Cybersecurity professional getting more work and less pay

Cybersecurity professionals faced significant pay stagnation in 2025, with 77% in the UK receiving no salary increase despite high demand for their roles.

Privacy professionals

Burglar alarm biz gets burgled, ShinyHunters pursues ransom

ADT confirmed a cyber intrusion by ShinyHunters, claiming over 10 million records were stolen, while ADT reported a limited data breach.

DevOps

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.

more#cybersecurity

Artificial intelligence

fromDevOps.com

Microsoft Turns to Anthropic's Mythos to Improve Cyber Defense

Microsoft integrates Anthropic's AI models into its Security Development Lifecycle to enhance code analysis and vulnerability detection.

DevOps

fromTechRepublic

2 years ago

What is Cloud Security? Fundamental Guide

Cloud security requires specialized processes and technologies to protect assets and data from evolving threats in a dynamic environment.

Business intelligence

How Physical Security Data Is Supporting Public Safety Challenges

Physical security data is primarily used for officer safety, situational awareness, and responding to public safety emergencies.

Deliverability

fromwww.independent.co.uk

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.

UK politics

Iran, Russia and China behind most major cyberattacks on UK, security chief warns

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

fromFuturism

22 hours ago

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Healthcare

fromNextgov.com

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

fromFuturism

22 hours ago

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

A ransomware negotiator conspired with hackers, betraying clients and facilitating attacks against multiple companies.

fromTechCrunch

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Security Career or Security Blanket? Turning Fearful Staying into Commitment

Job-hugging reflects fear rather than commitment, leading to burnout and stalled innovation in teams.

#artificial-intelligence

Artificial intelligence

How Should Effective AI Red Teams Operate?

fromFortune

Information security

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Artificial intelligence

How Should Effective AI Red Teams Operate?

AI-specific red teaming is essential for organizations to understand and mitigate risks associated with AI tools.

fromFortune

more#artificial-intelligence

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.

#ai-security

Information security

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

What Claude and OpenClaw Vulnerabilities Reveal About AI Agents

AI agents must be governed like privileged accounts due to their ability to access sensitive information and execute commands.

fromZDNET

Information security

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Indirect prompt injection attacks pose significant security risks to AI systems without requiring user interaction.

Information security

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

Google's research reveals an increase in indirect prompt injection attacks on AI, though their sophistication remains relatively low.

What Claude and OpenClaw Vulnerabilities Reveal About AI Agents

AI agents must be governed like privileged accounts due to their ability to access sensitive information and execute commands.

fromZDNET

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Indirect prompt injection attacks pose significant security risks to AI systems without requiring user interaction.

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

OpenSSH versions have a vulnerability allowing root access via certificate misconfiguration, undetectable by log-based systems.

Researchers Uncover Pre-Stuxnet 'fast16' Malware Targeting Engineering Software

A new Lua-based malware, fast16, predates Stuxnet and targets high-precision calculation software for cyber sabotage.

Researchers find sabotage malware that may predate Stuxnet

Malware named fast16 aims to sabotage engineering and physics simulation software, predating Stuxnet and targeting high-precision tools.

CISA, NCSC issue Firestarter backdoor warning

Firestarter malware targets a US federal agency, maintaining persistent access to compromised devices, posing risks to government and critical infrastructure.

Pre-Stuxnet Sabotage Malware 'Fast16' Linked to US-Iran Cyber Tensions

Fast16 is a Lua-based malware discovered by SentinelOne, predating Stuxnet, designed to tamper with high-precision software.

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

fromThe Hacker News

Researchers Uncover Pre-Stuxnet 'fast16' Malware Targeting Engineering Software

A new Lua-based malware, fast16, predates Stuxnet and targets high-precision calculation software for cyber sabotage.

Researchers find sabotage malware that may predate Stuxnet

Malware named fast16 aims to sabotage engineering and physics simulation software, predating Stuxnet and targeting high-precision tools.

CISA, NCSC issue Firestarter backdoor warning

Firestarter malware targets a US federal agency, maintaining persistent access to compromised devices, posing risks to government and critical infrastructure.

Pre-Stuxnet Sabotage Malware 'Fast16' Linked to US-Iran Cyber Tensions

Fast16 is a Lua-based malware discovered by SentinelOne, predating Stuxnet, designed to tamper with high-precision software.

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

Easily Exploitable 'Pack2TheRoot' Linux Vulnerability Leads to Root Access

A high-severity vulnerability in PackageKit allows unprivileged users to install packages with root privileges, tracked as CVE-2026-41651.

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Agentic AI is transforming cybersecurity, presenting both opportunities for defenders and risks for attackers, necessitating a strategic response from the industry.

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

GopherWhisper is a newly identified APT using legitimate services for command-and-control communication and data exfiltration, primarily targeting a Mongolian government entity.

fromIT Brew

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.

Attackers could disable all of a city's public EV chargers

Rented IoT infrastructure prioritizes user convenience over security, exposing them to denial of service attacks and vulnerabilities.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromTechzine Global

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

fromnews.bitcoin.com

From Scripts to Swarms: Why AI Is Breaking Traditional Sybil Defenses

AI agents will centralize identity management, enhancing security against Sybil attacks through advanced automation and dynamic behavior.

fromwww.bbc.com

AI hacking tools like Mythos can be 'net positive' says top cyber official

AI tools can enhance cyber-security if secured properly, according to the UK's top cyber official.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromTechzine Global

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

fromnews.bitcoin.com

From Scripts to Swarms: Why AI Is Breaking Traditional Sybil Defenses

AI agents will centralize identity management, enhancing security against Sybil attacks through advanced automation and dynamic behavior.

fromwww.bbc.com

AI hacking tools like Mythos can be 'net positive' says top cyber official

AI tools can enhance cyber-security if secured properly, according to the UK's top cyber official.

more#ai

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike published an advisory for CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting its LogScale product. The flaw can allow a remote attacker to read arbitrary files from the server filesystem.

Information security

US Federal Agency's Cisco Firewall Infected With 'Firestarter' Backdoor

A US federal agency was infected with malware due to vulnerabilities in Cisco firewalls linked to a China-backed espionage campaign.

fromThe Hacker News

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity SSRF vulnerability in LMDeploy is actively exploited, allowing attackers to access sensitive data and internal networks.

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

fromArs Technica

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.

fromWIRED

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

AI tools have enabled unskilled hackers to execute sophisticated cybercrime operations, resulting in significant financial theft.

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

A Mirai botnet exploits a command injection vulnerability in discontinued D-Link routers, posing risks to connected devices.

#cyber-security

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.

Nation states responsible for 'nationally significant' cyber attacks against UK, says NCSC chief | Computer Weekly

The UK faces increased cyber security threats from hostile states and AI advancements, with an average of four significant attacks weekly.

Sans Institute preps live systems for Nato cyber exercise | Computer Weekly

The Sans Institute is providing a real operational cyber range for the NATO Locked Shields exercise to enhance cyber security training and readiness.

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.

Nation states responsible for 'nationally significant' cyber attacks against UK, says NCSC chief | Computer Weekly

The UK faces increased cyber security threats from hostile states and AI advancements, with an average of four significant attacks weekly.

Sans Institute preps live systems for Nato cyber exercise | Computer Weekly

The Sans Institute is providing a real operational cyber range for the NATO Locked Shields exercise to enhance cyber security training and readiness.

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.

fromSitePoint Forums | Web Development & Design Community

Why Your OpenClaw Setup is a "Malicious Insider" in Waiting

OpenClaw's capabilities pose significant security risks, revealing vulnerabilities that can be exploited by malicious insiders.

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.

fromTNW | Next-Featured

Lovable security crisis: 48 days of exposed projects, closed bug reports, & the structural failure of vibe coding security

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.

Information security

Server-room lock was nothing but a crock

A security vulnerability allowed unauthorized access to a server room due to a flaw in the two-factor authentication lock.

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Multiple industrial giants have released new ICS security advisories addressing various vulnerabilities since the last Patch Tuesday.

Information security

Cyber Insights 2026: The Ongoing Fight to Secure Industrial Control Systems

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Multiple industrial giants have released new ICS security advisories addressing various vulnerabilities since the last Patch Tuesday.

Information security

Cyber Insights 2026: The Ongoing Fight to Secure Industrial Control Systems

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

fromTechRepublic

1 month ago

Industrial Systems Under Siege: 77% of OT Environments Suffer Cyber Breaches

Industrial sectors lag in cybersecurity despite modernizing operational technologies, creating critical vulnerabilities in manufacturing, utilities, and energy infrastructure.

#cyberwarfare

Information security

Energy infrastructure cyberattacks are suddenly in fashion

fromFast Company

Information security

How hackers are turning the power grid and digital infrastructure into a weapon

Information security

Energy infrastructure cyberattacks are suddenly in fashion

fromFast Company

Information security

How hackers are turning the power grid and digital infrastructure into a weapon

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric

Industrial control system manufacturers Siemens, Schneider Electric, Mitsubishi Electric, and Moxa released multiple security advisories addressing critical and high-severity vulnerabilities in their ICS products.

3 Threat Groups Started Targeting ICS/OT in 2025: Dragos

Three new threat groups—Sylvanite, Azurite, and Pyroxene—began targeting ICS and OT in 2025, expanding threats to critical infrastructure globally.

1 month ago

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

The vulnerability, related to an insufficiently protected cryptographic key, could allow a remote, unauthenticated attacker to bypass verification and connect to a targeted controller by mimicking an engineering workstation. In a real-world industrial environment, the vulnerability could allow remote attackers to manipulate PLC logic and disrupt manufacturing processes, or even cause physical damage to equipment.

Information security

fromTechzine Global

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, Phoenix Contact

Siemens has published eight new advisories. The company has released patches and mitigations for high-severity issues in Desigo CC, Sentron Powermanager, Simcenter Femap and Nastran, NX, Sinec NMS, Solid Edge, and Polarion products. A medium-severity flaw has been found in Siveillance Video Management Servers. Exploitation of the vulnerabilities can lead to unauthorized access, XSS, DoS, code execution, and privilege escalation.

Information security