#cybersecurity
#cybersecurity

3 hours ago

Germany news

Germany blames Russia for Signal phishing attacks on MPs

Crime crew impersonates help desk, abuses Teams chats

A new threat group uses social engineering and custom malware to steal data through Microsoft Teams and phishing tactics.

Germany politics

Germany launches spying probe into Signal attacks targeting MPs

German prosecutors investigate phishing attacks on lawmakers, linked to Russia, highlighting the need for vigilance against espionage threats.

Deliverability

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert

A phishing scam mimics an Apple security alert to trick users into calling a fake support number and potentially compromising their accounts.

Germany news

3 hours ago

Germany blames Russia for Signal phishing attacks on MPs

Germany blames Russia for phishing attacks targeting lawmakers and officials via the Signal messaging app.

Crime crew impersonates help desk, abuses Teams chats

A new threat group uses social engineering and custom malware to steal data through Microsoft Teams and phishing tactics.

Germany politics

Germany launches spying probe into Signal attacks targeting MPs

German prosecutors investigate phishing attacks on lawmakers, linked to Russia, highlighting the need for vigilance against espionage threats.

Deliverability

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert

A phishing scam mimics an Apple security alert to trick users into calling a fake support number and potentially compromising their accounts.

How to Know Where Your Security Threat Is Before It's Too Late

Organizations winning the security talent war operationalize key questions to prevent knowledge loss and enhance cybersecurity resilience.

20 hours ago

Why Tokyo is the most important tech destination of 2026 | TechCrunch

Sessions featuring Howard Wright (Nvidia), Rob Chu (AWS), and Eric Benhamou (Benhamou Global Ventures) cut through the noise to examine where AI is genuinely deployed at scale and where the real risks lie.

London startup

fromTNW | Startups-Technology

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

GopherWhisper is a newly identified APT using legitimate services for command-and-control communication and data exfiltration, primarily targeting a Mongolian government entity.

Discord Sleuths Gained Unauthorized Access to Anthropic's Mythos

Mozilla used Anthropic's Mythos Preview to fix 271 vulnerabilities in Firefox 150, while North Korean hackers exploited AI for cybercrime.

Venture

Rilian raises $17.5 million to bring agentic AI to sovereign defence

Information security

Chinese Cybersecurity Firm's AI Hacking Claims Draw Comparisons to Claude Mythos

Information security

Rilian Raises $17.5 Million for AI-Native Security Orchestration

fromTechzine Global

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromTNW | Startups-Technology

Discord Sleuths Gained Unauthorized Access to Anthropic's Mythos

Mozilla used Anthropic's Mythos Preview to fix 271 vulnerabilities in Firefox 150, while North Korean hackers exploited AI for cybercrime.

Venture

Rilian raises $17.5 million to bring agentic AI to sovereign defence

Caspian platform automates threat detection and response in compliance-restricted environments using AI agents, enhancing cybersecurity for defense and national security.

Chinese Cybersecurity Firm's AI Hacking Claims Draw Comparisons to Claude Mythos

A Chinese cybersecurity firm claims AI-driven vulnerability discovery capabilities rivaling Anthropic's Claude Mythos model.

Information security

Rilian Raises $17.5 Million for AI-Native Security Orchestration

fromTechzine Global

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

Researchers Uncover Pre-Stuxnet 'fast16' Malware Targeting Engineering Software

A new Lua-based malware, fast16, predates Stuxnet and targets high-precision calculation software for cyber sabotage.

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

A federal agency's Cisco Firepower device was compromised by the FIRESTARTER malware, enabling remote access and control through exploited vulnerabilities.

Pre-Stuxnet Sabotage Malware 'Fast16' Linked to US-Iran Cyber Tensions

Fast16 is a Lua-based malware discovered by SentinelOne, predating Stuxnet, designed to tamper with high-precision software.

CISA, NCSC issue Firestarter backdoor warning

Firestarter malware targets a US federal agency, maintaining persistent access to compromised devices, posing risks to government and critical infrastructure.

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

Malicious apps impersonating cryptocurrency wallets on the Apple App Store aim to steal recovery phrases and private keys.

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

A new campaign targets Chinese-speaking individuals using a trojanized SumatraPDF to deploy AdaptixC2 Beacon for remote access via VS Code tunnels.

Researchers Uncover Pre-Stuxnet 'fast16' Malware Targeting Engineering Software

A new Lua-based malware, fast16, predates Stuxnet and targets high-precision calculation software for cyber sabotage.

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

A federal agency's Cisco Firepower device was compromised by the FIRESTARTER malware, enabling remote access and control through exploited vulnerabilities.

Pre-Stuxnet Sabotage Malware 'Fast16' Linked to US-Iran Cyber Tensions

Fast16 is a Lua-based malware discovered by SentinelOne, predating Stuxnet, designed to tamper with high-precision software.

CISA, NCSC issue Firestarter backdoor warning

Firestarter malware targets a US federal agency, maintaining persistent access to compromised devices, posing risks to government and critical infrastructure.

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

Malicious apps impersonating cryptocurrency wallets on the Apple App Store aim to steal recovery phrases and private keys.

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

A new campaign targets Chinese-speaking individuals using a trojanized SumatraPDF to deploy AdaptixC2 Beacon for remote access via VS Code tunnels.

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

CISA added four vulnerabilities to its KEV catalog, indicating active exploitation affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link routers.

In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device

Key cybersecurity developments include a hacker's probation, UK military deployment for internet protection, and Lovable's data exposure issue.

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

CISA added four vulnerabilities to its KEV catalog, indicating active exploitation affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link routers.

In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device

Key cybersecurity developments include a hacker's probation, UK military deployment for internet protection, and Lovable's data exposure issue.

more#vulnerabilities

fromArs Technica

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Universities often neglect DNS record maintenance, leading to hijacked subdomains that can appear in search results.

from24/7 Wall St.

Cybersecurity ETFs Face a Reckoning: Which 3 Will Weather the Downturn

Cybersecurity spending is essential for corporations, leading to increased investment in thematic ETFs focused on security budgets post-breach.

What is Cloud Security? Fundamental Guide

Cloud security requires specialized processes and technologies to protect assets and data from evolving threats in a dynamic environment.

Copperhelm Raises $7 Million for Agentic Cloud Security Platform

Copperhelm raised $7 million for its AI-driven cloud security platform that autonomously monitors and remediates threats in real time.

2 years ago

What is Cloud Security? Fundamental Guide

Cloud security requires specialized processes and technologies to protect assets and data from evolving threats in a dynamic environment.

Copperhelm Raises $7 Million for Agentic Cloud Security Platform

Copperhelm raised $7 million for its AI-driven cloud security platform that autonomously monitors and remediates threats in real time.

CISA last in line for access to Anthropic Mythos

CISA lacks access to Anthropic's AI model Claude Mythos, while unauthorized users have gained access, raising cybersecurity concerns.

Trump's pick to run US cyber agency CISA asks to drop out | TechCrunch

Sean Plankey withdrew his nomination to lead CISA, leaving the agency without a permanent leader amid ongoing cybersecurity challenges.

fromThe Cipher Brief

America's Cyber Strategy Has a Budget Problem

The U.S. is underfunding cybersecurity efforts, particularly CISA, despite increasing cyberattack threats.

Plankey withdraws nomination to lead CISA

Sean Plankey has withdrawn his nomination to lead the Cybersecurity and Infrastructure Security Agency after a year of waiting for Senate confirmation.

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.

fromComputerworld

CISA last in line for access to Anthropic Mythos

CISA lacks access to Anthropic's AI model Claude Mythos, while unauthorized users have gained access, raising cybersecurity concerns.

Trump's pick to run US cyber agency CISA asks to drop out | TechCrunch

Sean Plankey withdrew his nomination to lead CISA, leaving the agency without a permanent leader amid ongoing cybersecurity challenges.

fromThe Cipher Brief

America's Cyber Strategy Has a Budget Problem

The U.S. is underfunding cybersecurity efforts, particularly CISA, despite increasing cyberattack threats.

Plankey withdraws nomination to lead CISA

Sean Plankey has withdrawn his nomination to lead the Cybersecurity and Infrastructure Security Agency after a year of waiting for Senate confirmation.

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.

Netherlands Faces Greatest National Security Threat Since World War Two

The Netherlands faces its greatest national security threat since World War Two, primarily from Russia and China.

What Claude and OpenClaw Vulnerabilities Reveal About AI Agents

AI agents must be governed like privileged accounts due to their ability to access sensitive information and execute commands.

fromZDNET

Information security

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Information security

Anthropic's Mythos breach was humiliating

Information security

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

What Claude and OpenClaw Vulnerabilities Reveal About AI Agents

AI agents must be governed like privileged accounts due to their ability to access sensitive information and execute commands.

fromZDNET

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Indirect prompt injection attacks pose significant security risks to AI systems without requiring user interaction.

Anthropic's Mythos breach was humiliating

Unauthorized access to Anthropic's AI model Mythos raises serious concerns about cybersecurity and safety protocols.

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

AI systems are becoming attractive targets for adversaries, with vulnerabilities discovered faster than developers can respond.

more#ai-security

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

"For years, NASA employees and research collaborators thought they were simply sharing software with colleagues. Instead, they were emailing sensitive defense technology to a Chinese national who was impersonating U.S. engineers."

Privacy professionals

BT has now blocked over a billion clicks to malicious websites, says NCSC | Computer Weekly

BT and EE have blocked over a billion clicks to malicious websites using intelligence from the UK's National Cyber Security Centre.

ShinyHunters claim they have cruise giant Carnival's booty

Carnival Corporation faces a significant data breach involving 7.5 million email addresses linked to its Mariner Society loyalty program.

#passkeys

fromwww.bbc.com

Privacy technologies

UK cyber chiefs say it's time to ditch passwords for passkeys - what are they?

What is a passkey, how does it work and why is it better than a password?

The UK's National Cyber Security Centre recommends using passkeys instead of passwords for secure digital logins.

fromInfoWorld

Offer customers passkeys by default, UK's NCSC tells enterprises

Passkeys are recommended as the primary authentication method due to their security against phishing and credential reuse.

Privacy technologies

NCSC: Passkeys now good enough to be the default standard

Privacy technologies

NCSC heralds end of passwords for consumers and pushes secure passkeys | Computer Weekly

fromwww.bbc.com

UK cyber chiefs say it's time to ditch passwords for passkeys - what are they?

People in the UK are encouraged to use passkeys instead of passwords for better online security.

What is a passkey, how does it work and why is it better than a password?

The UK's National Cyber Security Centre recommends using passkeys instead of passwords for secure digital logins.

fromInfoWorld

Offer customers passkeys by default, UK's NCSC tells enterprises

Passkeys are recommended as the primary authentication method due to their security against phishing and credential reuse.

NCSC: Passkeys now good enough to be the default standard

The NCSC endorses passkeys as the default authentication standard, urging consumers to abandon passwords for enhanced security.

NCSC heralds end of passwords for consumers and pushes secure passkeys | Computer Weekly

Consumers are urged to replace passwords with passkeys for better security and ease of access to online services.

Mythos access by Discord group reveals real danger of AI-powered hacking | Fortune

Unauthorized access to AI models exposes vulnerabilities in cybersecurity, highlighting the rapid pace of AI-driven exploitation of flaws.

Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?

Project Glasswing reveals a significant gap in cybersecurity, as less than 1% of vulnerabilities discovered were patched.

Mythos access by Discord group reveals real danger of AI-powered hacking | Fortune

Unauthorized access to AI models exposes vulnerabilities in cybersecurity, highlighting the rapid pace of AI-driven exploitation of flaws.

Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?

Project Glasswing reveals a significant gap in cybersecurity, as less than 1% of vulnerabilities discovered were patched.

more#ai-vulnerabilities

The Top 8 Enterprise VPN Solutions

Secure remote connections are critical for businesses to prevent data breaches, with enterprise VPN solutions being a top priority.

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Agentic AI is transforming cybersecurity, presenting both opportunities for defenders and risks for attackers, necessitating a strategic response from the industry.

US Federal Agency's Cisco Firewall Infected With 'Firestarter' Backdoor

A US federal agency was infected with malware due to vulnerabilities in Cisco firewalls linked to a China-backed espionage campaign.

fromMail Online

How to create secure passwords - it might be time to switch to passkey

Using unique passwords and transitioning to passkeys enhances online security and reduces the risk of cyber threats.

fromTechzine Global

Agentic AI is reshaping the network - and it's time to upgrade

Wireless connectivity is essential for AI, transforming industries and requiring strategic management to address complexity and security risks.

fromThe New Yorker

How Big a Threat Are Iranian-Backed Cyber Attacks?

Iranian cyber actors have accessed critical U.S. infrastructure, highlighting vulnerabilities in cybersecurity and the ongoing nature of nation-state hacking.

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike and Tenable reported serious vulnerabilities in their products, prompting customers to update to patched versions.

from24/7 Wall St.

Jim Cramer Says People Who Sold CrowdStrike on AI Fear Made the Biggest Mistake of 2026

Investors misjudged CrowdStrike's potential, as AI advancements create increased demand for cybersecurity rather than reducing it.

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike and Tenable reported serious vulnerabilities in their products, prompting customers to update to patched versions.

from24/7 Wall St.

Jim Cramer Says People Who Sold CrowdStrike on AI Fear Made the Biggest Mistake of 2026

Investors misjudged CrowdStrike's potential, as AI advancements create increased demand for cybersecurity rather than reducing it.

more#crowdstrike

fromAxios

The pope moves to police AI

The Vatican is enhancing cybersecurity and AI oversight, emphasizing ethical guidelines and human dignity in technology use.

fromBusiness Matters

Why Effective Patch Management Is Critical for Cybersecurity in 2026

Timely patch management is essential for protecting digital assets and maintaining business continuity against evolving cyber threats.

Attackers could disable all of a city's public EV chargers

Rented IoT infrastructure prioritizes user convenience over security, exposing them to denial of service attacks and vulnerabilities.

Cryptocurrency

fromThe Village Voice

Which VPN makes sense for crypto traders in 2026? - The Village Voice

Crypto traders must choose VPNs based on technical fundamentals like protocol choices, logging policies, and security features to protect their activities.

Claude Opus 4.7 has turned into an overzealous query cop

Opus 4.7's enhanced safeguards hinder legitimate use while aiming to prevent misuse.

fromIT Brew

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.

China-linked crews turn routers into covert attack proxies

China-linked threat actors exploit compromised routers and IoT devices to create proxy networks for cyber intrusions and data theft.

fromThe Cipher Brief

Anthropic Mythos - We've Opened Pandora's Box

Cybersecurity faces a new threat from AI systems like Anthropic Mythos, which can exploit vulnerabilities and shift the balance in favor of attackers.

A group of users leaked Anthropic's AI model Mythos by reportedly guessing where it was located | Fortune

Unauthorized access to Anthropic's Mythos model raises significant cybersecurity concerns.

Security Leaders Discuss the Claude Mythos Breach

Security leaders emphasize the urgent need for AI-enabled cybersecurity measures in response to the Claude Mythos breach.

NIST's New Prioritization Criteria for CVEs, Examined by Experts

NIST is changing its approach to handling cybersecurity vulnerabilities by prioritizing certain CVEs for immediate enrichment in the National Vulnerability Database.

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

Supply chain vulnerabilities and AI tools exacerbate ongoing cyber threats, including state-backed crypto heists and active remote code execution exploits.

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Vercel experienced a data breach affecting customer accounts, with evidence of prior compromises suggesting broader security implications.

Luxury Cosmetics Giant Rituals Discloses Data Breach

Rituals experienced a data breach affecting My Rituals members' personal information, but no passwords or payment details were compromised.

fromEngadget

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

Rituals confirmed a data breach affecting customers' personal information after hackers stole data from its membership database.

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Vercel experienced a data breach affecting customer accounts, with evidence of prior compromises suggesting broader security implications.

Luxury Cosmetics Giant Rituals Discloses Data Breach

Rituals experienced a data breach affecting My Rituals members' personal information, but no passwords or payment details were compromised.

fromEngadget

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

Rituals confirmed a data breach affecting customers' personal information after hackers stole data from its membership database.

UK's NCSC calls passkeys the default, says passwords are no longer fit for the purpose

Passkeys are recommended as the primary authentication method due to their security and user-friendliness compared to traditional passwords.

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.

#hacking

Chinese hackers are using everyday devices to hack UK firms, warns watchdog

British businesses must enhance vigilance against China-linked hacking using everyday devices for espionage.

Chinese hackers using compromised networks to spy on Western companies, says Five Eyes | Computer Weekly

China-linked hackers are using vulnerable internet-connected devices to obscure espionage and hacking operations against Western organizations.

Chinese hackers are using everyday devices to hack UK firms, warns watchdog

British businesses must enhance vigilance against China-linked hacking using everyday devices for espionage.

Chinese hackers using compromised networks to spy on Western companies, says Five Eyes | Computer Weekly

China-linked hackers are using vulnerable internet-connected devices to obscure espionage and hacking operations against Western organizations.

more#hacking

fromReadWrite

Caesars sued over 2026 data breach claims

Caesars Entertainment faces a class action lawsuit for failing to protect customer data during a second cyber incident after a previous breach in 2023.

Deliverability

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.

NCSC's first gadget blocks malware transfer over HDMI cables

GCHQ's SilentGlass device protects display devices from cyberattacks by blocking malicious traffic between computers and monitors.

#artificial-intelligence

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.

How Should Effective AI Red Teams Operate?

AI-specific red teaming is essential for organizations to understand and mitigate risks associated with AI tools.

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

The Mythos meeting focused on the wrong AI risk to banks. Here's the one nobody is talking about | Fortune

Artificial intelligence is transforming fraud into a machine-driven, scalable threat, posing risks beyond traditional cyber attacks.

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.

How Should Effective AI Red Teams Operate?

AI-specific red teaming is essential for organizations to understand and mitigate risks associated with AI tools.

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

more#artificial-intelligence

The Mythos meeting focused on the wrong AI risk to banks. Here's the one nobody is talking about | Fortune

Artificial intelligence is transforming fraud into a machine-driven, scalable threat, posing risks beyond traditional cyber attacks.

fromTNW | Investors-Funding

Sharing isn't caring if it's an admin password: Pwned

The client wanted to 'keep things simple' for their team, so they used the same administrative password for both staging and production environments. That password was the hard-to-guess combination of 'admin123.'

Information security

#microsoft

European startups

Microsoft commits A$25 billion to Australia by 2029

Microsoft announces A$25 billion investment in Australia, expanding AI infrastructure and cybersecurity initiatives, and training three million Australians in AI skills by 2028.

fromTNW | Investors-Funding

Microsoft to test third-party AI models for incorporation in its security offerings

Microsoft is evaluating third-party AI systems to enhance its cybersecurity measures against AI-driven threats.

European startups

Microsoft commits A$25 billion to Australia by 2029

Microsoft announces A$25 billion investment in Australia, expanding AI infrastructure and cybersecurity initiatives, and training three million Australians in AI skills by 2028.

Microsoft to test third-party AI models for incorporation in its security offerings

Microsoft is evaluating third-party AI systems to enhance its cybersecurity measures against AI-driven threats.

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.

Microsoft: Most Windows 11 Users Don't Need Third-Party Antivirus

Windows 11's built-in security features may eliminate the need for third-party antivirus software for most users.

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.

Cyber Command carried out over 8,000 missions in 2025, director says

U.S. Cyber Command conducted over 8,000 missions in 2025, marking a 25% increase from 2024, with expectations for further growth in 2026.