#cybersecurity

[ follow ]
Information security
fromWIRED
38 minutes ago

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

AI tools have enabled unskilled hackers to execute sophisticated cybercrime operations, resulting in significant financial theft.
#data-breach
France news
fromThe Local France
1 day ago

Warning over cyber-attack on French government's ANTS platform

Hackers accessed personal details of users on the French government's ANTS platform, prompting warnings about potential phishing scams.
Information security
fromTheregister
1 day ago

AI-pwned: Vercel breach traced to stolen employee creds

Vercel's CEO suspects AI aided attackers in a breach that exploited a compromised employee account and non-sensitive environment variables.
Privacy professionals
fromTechCrunch
59 minutes ago

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

Rituals confirmed a data breach affecting customers' personal information after hackers stole data from its membership database.
France news
fromTheregister
5 hours ago

France's 'Secure' ID agency probes claimed 19M record breach

A significant data breach may have exposed personal information of up to 19 million individuals in France.
Privacy professionals
fromFast Company
23 hours ago

Lovable left AI prompts and user data exposed, one researcher found

Lovable's platform exposed users' private data, including chat histories and source code, to other users due to a significant data breach.
France news
fromThe Local France
1 day ago

Warning over cyber-attack on French government's ANTS platform

Hackers accessed personal details of users on the French government's ANTS platform, prompting warnings about potential phishing scams.
Information security
fromTheregister
1 day ago

AI-pwned: Vercel breach traced to stolen employee creds

Vercel's CEO suspects AI aided attackers in a breach that exploited a compromised employee account and non-sensitive environment variables.
#ai
Information security
fromHarvard Gazette
56 minutes ago

Got personal financial, medical data you'd like to keep private? Good luck.Got personal financial, medical data you'd like to keep private? Good luck. - Harvard Gazette

New AI models may increase the risk of cybercriminals breaching secure systems, exposing personal data.
fromZDNET
4 hours ago
Information security

Google bets $32B on AI agent cyber force as security arms race escalates

Information security
fromFast Company
6 hours ago

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.
Software development
fromTheregister
12 hours ago

Mythos found 271 Firefox flaws - none a human couldn't spot

Mythos AI model significantly improves bug detection, identifying 271 vulnerabilities in Firefox 150, marking a pivotal moment for software security.
Information security
fromHarvard Gazette
56 minutes ago

Got personal financial, medical data you'd like to keep private? Good luck.Got personal financial, medical data you'd like to keep private? Good luck. - Harvard Gazette

New AI models may increase the risk of cybercriminals breaching secure systems, exposing personal data.
Information security
fromZDNET
4 hours ago

Google bets $32B on AI agent cyber force as security arms race escalates

Google introduces AI agents for cyber defense, enhancing threat detection and mitigation capabilities against increasingly sophisticated cyberattacks.
Information security
fromFast Company
6 hours ago

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.
Software development
fromTheregister
12 hours ago

Mythos found 271 Firefox flaws - none a human couldn't spot

Mythos AI model significantly improves bug detection, identifying 271 vulnerabilities in Firefox 150, marking a pivotal moment for software security.
#malware
Information security
fromThe Hacker News
46 minutes ago

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

Harvester has deployed a new Linux version of its GoGra backdoor targeting entities in South Asia using Microsoft Graph API for covert operations.
Information security
fromSecurityWeek
4 hours ago

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

A new wiper malware, Lotus Wiper, targets the energy sector, disrupting operations and leaving systems unrecoverable.
Information security
fromThe Hacker News
1 day ago

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

A new Android malware called NGate abuses the HandyPay app to conduct NFC relay attacks and steal payment card information.
Information security
fromThe Hacker News
46 minutes ago

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

Harvester has deployed a new Linux version of its GoGra backdoor targeting entities in South Asia using Microsoft Graph API for covert operations.
Information security
fromSecurityWeek
4 hours ago

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

A new wiper malware, Lotus Wiper, targets the energy sector, disrupting operations and leaving systems unrecoverable.
Information security
fromThe Hacker News
1 day ago

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

A new Android malware called NGate abuses the HandyPay app to conduct NFC relay attacks and steal payment card information.
Privacy professionals
fromTechCrunch
2 hours ago

UK government says 100 countries have spyware that can hack people's phones | TechCrunch

More than half of the world's governments now have access to commercial spyware, increasing risks for citizens and critical infrastructure.
Information security
fromSecurityWeek
3 hours ago

Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says

Hostile nations like Russia, Iran, and China are the primary sources of serious cyberattacks in the U.K.
Information security
fromComputerWeekly.com
4 hours ago

A tsunami of flaws: When frontier AI and Patch Tuesday collide | Computer Weekly

April 2025 Patch Tuesday update was the second-largest in history, addressing over 160 vulnerabilities, with AI tools potentially driving the increase.
Information security
fromThe Hacker News
5 hours ago

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

A new data wiper named Lotus Wiper targets Venezuela's energy sector, erasing files and disrupting operations without financial motives.
Information security
fromSecurityWeek
5 hours ago

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.
Information security
fromSecurityWeek
6 hours ago

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.
#ai-security
Artificial intelligence
fromTechRepublic
1 day ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
fromTheregister
2 days ago

Prompt injection proves AI models are gullible like humans

Prompt injection attacks exploit AI systems, similar to phishing, by embedding malicious instructions that the AI executes instead of treating as content.
#anthropic
Information security
fromEngadget
7 hours ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

Anthropic is investigating unauthorized access to its Claude Mythos model, which is designed to identify cybersecurity flaws.
Artificial intelligence
fromTNW | Us
1 day ago

Trump says Anthropic Pentagon deal is 'possible'

Anthropic's AI models may be used by the Department of Defense following positive discussions with the White House, despite previous federal restrictions.
fromTechCrunch
4 days ago
Washington DC

Anthropic's relationship with the Trump administration seems to be thawing | TechCrunch

Information security
fromEngadget
7 hours ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

Anthropic is investigating unauthorized access to its Claude Mythos model, which is designed to identify cybersecurity flaws.
Artificial intelligence
fromTNW | Us
1 day ago

Trump says Anthropic Pentagon deal is 'possible'

Anthropic's AI models may be used by the Department of Defense following positive discussions with the White House, despite previous federal restrictions.
fromTechCrunch
4 days ago
Washington DC

Anthropic's relationship with the Trump administration seems to be thawing | TechCrunch

#openai
Information security
fromAxios
7 hours ago

Exclusive: OpenAI briefs feds and Five Eyes on new cyber product

OpenAI demonstrated its GPT-5.4-Cyber model to federal cyber defense practitioners, emphasizing a dual-track access approach for government and commercial users.
Artificial intelligence
fromTechCrunch
21 hours ago

Sam Altman throws shade at Anthropic's cyber model, Mythos: 'fear-based marketing' | TechCrunch

OpenAI's Sam Altman criticizes Anthropic's fear-based marketing strategy regarding its new cybersecurity model, Mythos.
Information security
fromAxios
7 hours ago

Exclusive: OpenAI briefs feds and Five Eyes on new cyber product

OpenAI demonstrated its GPT-5.4-Cyber model to federal cyber defense practitioners, emphasizing a dual-track access approach for government and commercial users.
Artificial intelligence
fromTechCrunch
21 hours ago

Sam Altman throws shade at Anthropic's cyber model, Mythos: 'fear-based marketing' | TechCrunch

OpenAI's Sam Altman criticizes Anthropic's fear-based marketing strategy regarding its new cybersecurity model, Mythos.
Information security
fromSecurityWeek
7 hours ago

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.
Information security
fromThe Hacker News
7 hours ago

Mustang Panda's New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

A new variant of LOTUSLITE malware targets India's banking sector, focusing on espionage rather than financial gain.
DevOps
fromInfoQ
16 hours ago

Cloudflare Outlines MCP Architecture as Enterprises Confront Security and Governance Risks

Centralized governance and remote infrastructure are essential for secure Model Context Protocol deployments, addressing risks like prompt injection and supply chain attacks.
Information security
fromTechzine Global
9 hours ago

As Mythos fixes Mozilla flaws, unauthorized access spells disaster

Firefox's Claude Mythos Preview addresses 271 vulnerabilities, but unauthorized access raises concerns about potential misuse by threat actors.
DevOps
fromSecuritymagazine
16 hours ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
fromwww.theguardian.com
11 hours ago

UK could face hacktivist attacks at scale', says head of security agency

Richard Horne stated that the UK could face hacktivist attacks at scale if it becomes embroiled in a conflict, with impacts similar to recent ransomware incidents.
Information security
Europe news
fromwww.theguardian.com
15 hours ago

Ukraine war briefing: Quick loan in pipeline as Druzhba reopens

The Druzhba pipeline is set to resume operations after repairs, while Ukraine anticipates EU approval for a significant loan following Hungary's political changes.
UK politics
fromwww.independent.co.uk
19 hours ago

Iran, Russia and China behind most major cyberattacks on UK, security chief warns

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.
Information security
fromTheregister
19 hours ago

Cheapskate cyber strategy won't stop Beijing's finest

State-sponsored cyberattacks from China represent a sophisticated and significant threat in modern warfare, necessitating preparedness for potential conflict.
#ransomware
fromTechCrunch
1 day ago
Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

fromNextgov.com
1 day ago
Healthcare

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Healthcare
fromTheregister
20 hours ago

Ex-FBI lead urges homicide charges against ransomware scum

Cyberattacks causing death should be treated as murder, urging felony homicide charges against ransomware actors targeting healthcare facilities.
Information security
fromThe Hacker News
20 hours ago

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.
fromTechCrunch
1 day ago
Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Healthcare
fromNextgov.com
1 day ago

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.
Law
fromTheregister
1 day ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
Artificial intelligence
fromFuturism
22 hours ago

Chinese Workers Horrified as Bosses Direct Them to Train Their AI Replacements

Mercor hires job-seekers to train AI models that may replace them, reflecting a trend towards automation in the workforce.
Information security
fromDevOps.com
1 day ago

Critical Microsoft GitHub Flaw Highlights Dangers to CI/CD Pipelines: Tenable - DevOps.com

A critical vulnerability in a Microsoft GitHub repository allows attackers to exploit CI/CD infrastructure and run arbitrary code.
#vulnerabilities
Information security
fromThe Hacker News
1 day ago

22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters

22 new vulnerabilities in serial-to-IP converters could allow attackers to hijack devices and tamper with data.
Information security
fromThe Hacker News
1 day ago

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

CISA added eight new vulnerabilities to its KEV catalog, including critical flaws in Cisco Catalyst SD-WAN Manager, indicating active exploitation.
Information security
fromThe Hacker News
1 day ago

22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters

22 new vulnerabilities in serial-to-IP converters could allow attackers to hijack devices and tamper with data.
Information security
fromThe Hacker News
1 day ago

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

CISA added eight new vulnerabilities to its KEV catalog, including critical flaws in Cisco Catalyst SD-WAN Manager, indicating active exploitation.
Information security
fromComputerWeekly.com
1 day ago

M&S one year on: turning anticipation into secure by design | Computer Weekly

Retailers must prioritize preparedness for cyber attacks, focusing on third-party risk and continuous visibility across their supply chains.
fromAxios
1 day ago

Scoop: Top U.S. cyber agency doesn't have access to Anthropic's powerful hacking model

Anthropic decided against a public release of Mythos due to its unprecedented ability to quickly discover and exploit security vulnerabilities, providing it to more than 40 companies and organizations for testing.
Information security
#cryptocurrency
Information security
fromSecurityWeek
1 day ago

Dozens of Malicious Crypto Apps Land in Apple App Store

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.
Cryptocurrency
fromSecurityWeek
1 day ago

$290 Million Kelp DAO Crypto Heist Blamed on North Korea

North Korea-linked Lazarus Group executed a $290 million cryptocurrency heist from Kelp DAO using sophisticated attack methods.
Information security
fromSecurityWeek
1 day ago

Dozens of Malicious Crypto Apps Land in Apple App Store

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.
Cryptocurrency
fromSecurityWeek
1 day ago

$290 Million Kelp DAO Crypto Heist Blamed on North Korea

North Korea-linked Lazarus Group executed a $290 million cryptocurrency heist from Kelp DAO using sophisticated attack methods.
Information security
fromSecurityWeek
1 day ago

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

Many internet-facing Perforce P4 servers are misconfigured, exposing sensitive information and allowing unauthorized access.
#vulnerability
Information security
fromThe Hacker News
1 day ago

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

A vulnerability in Google's Antigravity IDE allowed code execution through insufficient input sanitization in the find_by_name tool.
Information security
fromThe Hacker News
2 days ago

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.
Information security
fromThe Hacker News
1 day ago

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

A vulnerability in Google's Antigravity IDE allowed code execution through insufficient input sanitization in the find_by_name tool.
Information security
fromThe Hacker News
2 days ago

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.
Information security
fromSecurityWeek
1 day ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
Privacy professionals
fromWIRED
1 day ago

They Built a Legendary Privacy Tool. Now They're Sworn Enemies

GrapheneOS is highly regarded for mobile security, but its creator, Daniel Micay, has a controversial and enigmatic reputation within the cybersecurity community.
Information security
fromTechRepublic
1 day ago

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Hackers exploit Android's overlay feature to capture PINs and monitor user interactions across over 800 apps using banking trojans.
Information security
fromTechRepublic
1 day ago

2026's Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

2026 has seen significant cyber threats, including a major FBI hack and the discovery of the DarkSword iPhone exploit framework.
Information security
fromTechCrunch
1 day ago

Mastodon says its flagship server was hit by a DDoS attack | TechCrunch

Mastodon's flagship server experienced a DDoS attack, causing significant outages and instability, but countermeasures were implemented to restore access.
Privacy professionals
fromMail Online
2 days ago

CrunchyRoll users slammed with lawsuit as millions of users exposed

Crunchyroll faces a class-action lawsuit after a data breach exposed personal information of 6.8 million users due to inadequate data security.
Artificial intelligence
fromTechCrunch
2 days ago

NSA spies are reportedly using Anthropic's Mythos, despite Pentagon feud | TechCrunch

The NSA is reportedly using Anthropic's Mythos model for cybersecurity despite previous tensions over access to AI capabilities.
#vercel
Information security
fromTechCrunch
2 days ago

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.
Information security
fromTechCrunch
2 days ago

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.
Careers
fromSecuritymagazine
2 days ago

Advance Your Cybersecurity Career

Degrees and certifications in cybersecurity indicate foundational knowledge but hands-on experience and skills are more critical for success.
fromSecurityWeek
2 days ago

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.
Information security
Information security
fromTechzine Global
2 days ago

Kubernetes attack surface explodes: number of threats quadruples

Kubernetes faces a surge in cyberattacks, with a 282% increase in attempts, particularly targeting the IT sector and crypto exchanges.
Information security
fromThe Hacker News
2 days ago

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

ZionSiphon malware targets Israeli water treatment systems, showcasing a trend in politically motivated attacks on critical infrastructure.
Information security
fromSecurityWeek
2 days ago

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers have targeted a vulnerability in discontinued TP-Link routers for a year without successful exploitation, according to Palo Alto Networks.
Venture
fromAlleyWatch
3 days ago

#NYCtech Week in Review: 4/12/26 - 4/18/26

NYC Tech News highlights recent startup funding, exits, and events, featuring companies like Chapter, Artemis, and Bluefish.
Software development
fromFast Company
4 days ago

The hidden risks of vibe coding: 4 steps to protect your organization

Vibe coding democratizes software development but poses significant cybersecurity risks due to unknown origins of AI-generated code.
Information security
fromSecurityWeek
4 days ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.
Information security
fromThe Hacker News
4 days ago

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.
Information security
fromBusiness Matters
5 days ago

Why Trust and Verification Are Critical for Modern Online Platform Businesses

Trust is essential yet fragile in the digital economy, with platforms facing increasing challenges from sophisticated online scams.
[ Load more ]