#cybersecurity

#cybersecurity

The threat actor known as Patchwork has launched a new spear-phishing campaign targeting Turkish defense contractors to gather strategic intelligence.

The California Privacy Protection Agency board approved new rules for companies' use of automated technologies, mandating cybersecurity audits and privacy assessments.

Uber's Multi-Cloud Secrets Management Platform manages over 150,000 secrets in a complex infrastructure of over 5,000 microservices, addressing significant security challenges.

People are receiving reports that sound reasonable, they look technically correct. And then you end up digging into them, trying to figure out, 'oh no, where is this vulnerability?'.

CrowdStrike Holdings Inc. reported solid first-quarter results a year after a major global outage, demonstrating a remarkable recovery and announcing a $1 billion share repurchase plan.

In the real world, adversaries don't operate in bursts. Their recon is continuous, their tools and tactics are always evolving, and new vulnerabilities are often reverse-engineered into working exploits within hours of a patch release.

While this may have been an attempt to highlight associated risks, the issue underscores a growing and critical threat in the AI ecosystem: the exploitation of powerful AI tools by malicious actors in the absence of robust guardrails, continuous monitoring, and effective governance frameworks.

James Somersett's parents were excited to attend a Blue Jays game, as he had purchased them premium tickets, but moments before the game, the tickets were stolen from his account.

Mimo exploits vulnerabilities in Magento CMS and Docker instances, using PHP-FPM command injection for initial access and employing advanced techniques for evasion and persistence.

Cloudflare reported a significant increase in internet disruptions during Q2 2025, attributing the disruptions to government-mandated shutdowns in multiple countries.

The realm of cybersecurity encompasses not just known threats, but also unforeseen risks, underscoring the significance of preparing for unknown unknowns that could critically impact systems.

Tesla has applied for a temporary permit to the FCC to test the effects of cell jammers on its Robotaxi communication systems. This testing aims to understand potential vulnerabilities to malicious actors.

The leak granted potential access to over 50 large language models (LLMs) developed by xAI, raising serious concerns about operational security within DOGE and the U.S. government.

The UK faces a very significant volume of cyber attacks every year, the security minister has warned as new laws aim to deter hackers from extorting businesses amid a spate of recent incidents.

Clorox alleges Cognizant directly enabled a cybercriminal to breach its network by providing staff passwords upon simple requests, leading to significant operational disruptions.

Experts have been warning for years about deepfake AI technology evolving to a dangerous point, and now it's happening. Used maliciously, these clones are infesting the culture from Hollywood to the White House.

Microsoft encourages the shift to a passwordless experience, emphasizing its ability to enhance security and resistance against phishing attacks for user accounts.

Miaan Group has reported three cases of government spyware attacks against Iranians, involving two individuals in Iran and one in Europe, indicating that awareness of such threats is rising.

Experts emphasize unprecedented concerns regarding international law's stability, highlighting the potential for unresolved conflicts to escalate and disrupt global governance and cooperation.

The TSA warns that using public Wi-Fi and USB charging ports at airports can be dangerous if misused by malicious individuals. Juice jacking can transmit sensitive data.

Many countries, including the UK and US, experience a spike in fraudulent messages purporting to be from tax authorities when tax filings become due.