#cybersecurity

[ follow ]
#passkeys
Privacy technologies
fromTheregister
6 hours ago

NCSC: Passkeys now good enough to be the default standard

The NCSC endorses passkeys as the default authentication standard, urging consumers to abandon passwords for enhanced security.
Artificial intelligence
from24/7 Wall St.
2 hours ago

Jim Cramer Says People Who Sold CrowdStrike on AI Fear Made the Biggest Mistake of 2026

Investors misjudged CrowdStrike's potential, as AI advancements create increased demand for cybersecurity rather than reducing it.
Information security
fromInfoWorld
1 hour ago

UK's NCSC calls passkeys the default, says passwords are no longer fit for the purpose

Passkeys are recommended as the primary authentication method due to their security and user-friendliness compared to traditional passwords.
#ai
Information security
fromInfoWorld
13 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
Information security
fromComputerworld
13 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
Information security
fromSecurityWeek
2 hours ago

Chinese Cybersecurity Firm's AI Hacking Claims Draw Comparisons to Claude Mythos

A Chinese cybersecurity firm claims AI-driven vulnerability discovery capabilities rivaling Anthropic's Claude Mythos model.
Information security
fromSecurityWeek
4 hours ago

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.
Information security
fromInfoWorld
13 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
Information security
fromComputerworld
13 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
#cisa
SF politics
fromNextgov.com
17 hours ago

Plankey withdraws nomination to lead CISA

Sean Plankey has withdrawn his nomination to lead the Cybersecurity and Infrastructure Security Agency after a year of waiting for Senate confirmation.
Information security
fromThe Verge
21 hours ago

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.
SF politics
fromNextgov.com
17 hours ago

Plankey withdraws nomination to lead CISA

Sean Plankey has withdrawn his nomination to lead the Cybersecurity and Infrastructure Security Agency after a year of waiting for Senate confirmation.
Information security
fromThe Verge
21 hours ago

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.
DevOps
fromTheregister
2 hours ago

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.
#hacking
Information security
fromComputerWeekly.com
3 hours ago

Chinese hackers using compromised networks to spy on Western companies, says Five Eyes | Computer Weekly

China-linked hackers are using vulnerable internet-connected devices to obscure espionage and hacking operations against Western organizations.
Privacy professionals
fromReadWrite
3 hours ago

Caesars sued over 2026 data breach claims

Caesars Entertainment faces a class action lawsuit for failing to protect customer data during a second cyber incident after a previous breach in 2023.
#data-breach
fromEngadget
18 hours ago
France news

France's national agency for managing IDs and passports suffered a data breach last week

fromTechCrunch
23 hours ago
Privacy professionals

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

France news
fromEngadget
18 hours ago

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.
France news
fromTechCrunch
19 hours ago

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.
Privacy professionals
fromTechCrunch
23 hours ago

Cosmetics giant Rituals confirms data breach of customer membership records | TechCrunch

Rituals confirmed a data breach affecting customers' personal information after hackers stole data from its membership database.
France news
fromTheregister
1 day ago

France's 'Secure' ID agency probes claimed 19M record breach

A significant data breach may have exposed personal information of up to 19 million individuals in France.
Privacy professionals
fromFast Company
1 day ago

Lovable left AI prompts and user data exposed, one researcher found

Lovable's platform exposed users' private data, including chat histories and source code, to other users due to a significant data breach.
Deliverability
fromSecurityWeek
3 hours ago

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.
Information security
fromTheregister
4 hours ago

NCSC's first gadget blocks malware transfer over HDMI cables

GCHQ's SilentGlass device protects display devices from cyberattacks by blocking malicious traffic between computers and monitors.
#artificial-intelligence
fromFortune
4 hours ago
Information security

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

fromWIRED
20 hours ago
Artificial intelligence

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.
Information security
fromFortune
21 hours ago

The Mythos meeting focused on the wrong AI risk to banks. Here's the one nobody is talking about | Fortune

Artificial intelligence is transforming fraud into a machine-driven, scalable threat, posing risks beyond traditional cyber attacks.
Information security
fromFortune
4 hours ago

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.
Artificial intelligence
fromWIRED
20 hours ago

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.
Information security
fromFortune
21 hours ago

The Mythos meeting focused on the wrong AI risk to banks. Here's the one nobody is talking about | Fortune

Artificial intelligence is transforming fraud into a machine-driven, scalable threat, posing risks beyond traditional cyber attacks.
fromTheregister
5 hours ago

Sharing isn't caring if it's an admin password: Pwned

The client wanted to 'keep things simple' for their team, so they used the same administrative password for both staging and production environments. That password was the hard-to-guess combination of 'admin123.'
Information security
#microsoft
European startups
fromTNW | Investors-Funding
6 hours ago

Microsoft commits A$25 billion to Australia by 2029

Microsoft announces A$25 billion investment in Australia, expanding AI infrastructure and cybersecurity initiatives, and training three million Australians in AI skills by 2028.
Information security
fromNextgov.com
21 hours ago

Microsoft to test third-party AI models for incorporation in its security offerings

Microsoft is evaluating third-party AI systems to enhance its cybersecurity measures against AI-driven threats.
European startups
fromTNW | Investors-Funding
6 hours ago

Microsoft commits A$25 billion to Australia by 2029

Microsoft announces A$25 billion investment in Australia, expanding AI infrastructure and cybersecurity initiatives, and training three million Australians in AI skills by 2028.
Information security
fromNextgov.com
21 hours ago

Microsoft to test third-party AI models for incorporation in its security offerings

Microsoft is evaluating third-party AI systems to enhance its cybersecurity measures against AI-driven threats.
Information security
fromSecurityWeek
6 hours ago

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.
#malware
Information security
fromInfoWorld
14 hours ago

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.
Information security
fromTechRepublic
21 hours ago

Fake Google Antigravity Installer Can Steal Accounts in Minutes

A fake Google Antigravity download exposes user accounts to compromise by delivering malware alongside the legitimate application.
Information security
fromThe Hacker News
23 hours ago

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

Harvester has deployed a new Linux version of its GoGra backdoor targeting entities in South Asia using Microsoft Graph API for covert operations.
Information security
fromSecurityWeek
1 day ago

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

A new wiper malware, Lotus Wiper, targets the energy sector, disrupting operations and leaving systems unrecoverable.
Deliverability
fromTechRepublic
21 hours ago

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert

A phishing scam mimics an Apple security alert to trick users into calling a fake support number and potentially compromising their accounts.
Information security
fromTechRepublic
21 hours ago

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.
Information security
fromNextgov.com
22 hours ago

Cyber Command carried out over 8,000 missions in 2025, director says

U.S. Cyber Command conducted over 8,000 missions in 2025, marking a 25% increase from 2024, with expectations for further growth in 2026.
Information security
fromWIRED
22 hours ago

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

AI tools have enabled unskilled hackers to execute sophisticated cybercrime operations, resulting in significant financial theft.
Information security
fromnews.bitcoin.com
1 day ago

Mach-O Man Malware Steals macOS Keychain Data in Lazarus Group Crypto Campaign

North Korea's Lazarus Group deployed Mach-O Man malware targeting macOS users in crypto and fintech roles in April 2026.
Privacy professionals
fromTechCrunch
1 day ago

UK government says 100 countries have spyware that can hack people's phones | TechCrunch

More than half of the world's governments now have access to commercial spyware, increasing risks for citizens and critical infrastructure.
Information security
fromSecurityWeek
1 day ago

Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says

Hostile nations like Russia, Iran, and China are the primary sources of serious cyberattacks in the U.K.
Information security
fromComputerWeekly.com
1 day ago

A tsunami of flaws: When frontier AI and Patch Tuesday collide | Computer Weekly

April 2025 Patch Tuesday update was the second-largest in history, addressing over 160 vulnerabilities, with AI tools potentially driving the increase.
Information security
fromSecurityWeek
1 day ago

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

A Mirai botnet exploits a command injection vulnerability in discontinued D-Link routers, posing risks to connected devices.
Information security
fromThe Hacker News
1 day ago

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

A new data wiper named Lotus Wiper targets Venezuela's energy sector, erasing files and disrupting operations without financial motives.
Information security
fromSecurityWeek
1 day ago

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.
Information security
fromSecurityWeek
1 day ago

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.
#ai-security
Information security
fromThe Verge
1 day ago

Anthropic's most dangerous AI model just fell into the wrong hands

Mythos AI model accessed by unauthorized users, raising cybersecurity concerns about its potential misuse.
Information security
fromTNW | Anthropic
1 day ago

Unauthorized users gained access to Anthropic's restricted Mythos AI model

Unauthorized users accessed Claude Mythos Preview by guessing its URL, raising concerns about security in AI model access.
Information security
fromThe Verge
1 day ago

Anthropic's most dangerous AI model just fell into the wrong hands

Mythos AI model accessed by unauthorized users, raising cybersecurity concerns about its potential misuse.
Information security
fromTNW | Anthropic
1 day ago

Unauthorized users gained access to Anthropic's restricted Mythos AI model

Unauthorized users accessed Claude Mythos Preview by guessing its URL, raising concerns about security in AI model access.
#anthropic
Information security
fromEngadget
1 day ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

Anthropic is investigating unauthorized access to its Claude Mythos model, which is designed to identify cybersecurity flaws.
Artificial intelligence
fromTNW | Us
1 day ago

Trump says Anthropic Pentagon deal is 'possible'

Anthropic's AI models may be used by the Department of Defense following positive discussions with the White House, despite previous federal restrictions.
Information security
fromEngadget
1 day ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

Anthropic is investigating unauthorized access to its Claude Mythos model, which is designed to identify cybersecurity flaws.
Artificial intelligence
fromTNW | Us
1 day ago

Trump says Anthropic Pentagon deal is 'possible'

Anthropic's AI models may be used by the Department of Defense following positive discussions with the White House, despite previous federal restrictions.
#openai
Information security
fromAxios
1 day ago

Exclusive: OpenAI briefs feds and Five Eyes on new cyber product

OpenAI demonstrated its GPT-5.4-Cyber model to federal cyber defense practitioners, emphasizing a dual-track access approach for government and commercial users.
Artificial intelligence
fromTechCrunch
1 day ago

Sam Altman throws shade at Anthropic's cyber model, Mythos: 'fear-based marketing' | TechCrunch

OpenAI's Sam Altman criticizes Anthropic's fear-based marketing strategy regarding its new cybersecurity model, Mythos.
Information security
fromAxios
1 day ago

Exclusive: OpenAI briefs feds and Five Eyes on new cyber product

OpenAI demonstrated its GPT-5.4-Cyber model to federal cyber defense practitioners, emphasizing a dual-track access approach for government and commercial users.
Artificial intelligence
fromTechCrunch
1 day ago

Sam Altman throws shade at Anthropic's cyber model, Mythos: 'fear-based marketing' | TechCrunch

OpenAI's Sam Altman criticizes Anthropic's fear-based marketing strategy regarding its new cybersecurity model, Mythos.
Information security
fromSecurityWeek
1 day ago

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.
Information security
fromThe Hacker News
1 day ago

Mustang Panda's New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

A new variant of LOTUSLITE malware targets India's banking sector, focusing on espionage rather than financial gain.
DevOps
fromInfoQ
1 day ago

Cloudflare Outlines MCP Architecture as Enterprises Confront Security and Governance Risks

Centralized governance and remote infrastructure are essential for secure Model Context Protocol deployments, addressing risks like prompt injection and supply chain attacks.
Information security
fromTechzine Global
1 day ago

As Mythos fixes Mozilla flaws, unauthorized access spells disaster

Firefox's Claude Mythos Preview addresses 271 vulnerabilities, but unauthorized access raises concerns about potential misuse by threat actors.
DevOps
fromSecuritymagazine
1 day ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
fromwww.theguardian.com
1 day ago

UK could face hacktivist attacks at scale', says head of security agency

Richard Horne stated that the UK could face hacktivist attacks at scale if it becomes embroiled in a conflict, with impacts similar to recent ransomware incidents.
Information security
Privacy professionals
fromSecuritymagazine
1 day ago

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.
Europe news
fromwww.theguardian.com
1 day ago

Ukraine war briefing: Quick loan in pipeline as Druzhba reopens

The Druzhba pipeline is set to resume operations after repairs, while Ukraine anticipates EU approval for a significant loan following Hungary's political changes.
UK politics
fromwww.independent.co.uk
1 day ago

Iran, Russia and China behind most major cyberattacks on UK, security chief warns

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.
Information security
fromTheregister
1 day ago

Cheapskate cyber strategy won't stop Beijing's finest

State-sponsored cyberattacks from China represent a sophisticated and significant threat in modern warfare, necessitating preparedness for potential conflict.
#ransomware
fromTechCrunch
1 day ago
Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

fromNextgov.com
2 days ago
Healthcare

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Healthcare
fromTheregister
1 day ago

Ex-FBI lead urges homicide charges against ransomware scum

Cyberattacks causing death should be treated as murder, urging felony homicide charges against ransomware actors targeting healthcare facilities.
Information security
fromThe Hacker News
1 day ago

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.
fromTechCrunch
1 day ago
Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Healthcare
fromNextgov.com
2 days ago

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.
Law
fromTheregister
2 days ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
Artificial intelligence
fromFuturism
1 day ago

Chinese Workers Horrified as Bosses Direct Them to Train Their AI Replacements

Mercor hires job-seekers to train AI models that may replace them, reflecting a trend towards automation in the workforce.
Information security
fromComputerWeekly.com
1 day ago

Anthropic's Mythos raises the stakes for security validation | Computer Weekly

The rise of autonomous AI in security introduces unpredictability, complicating the validation of defenses against evolving threats.
Information security
fromTheregister
1 day ago

More Cisco SD-WAN bugs battered in attacks

CISA warns of active attacks on three Cisco Catalyst SD-WAN Manager vulnerabilities, urging federal agencies to patch within four days.
Information security
fromDevOps.com
1 day ago

Critical Microsoft GitHub Flaw Highlights Dangers to CI/CD Pipelines: Tenable - DevOps.com

A critical vulnerability in a Microsoft GitHub repository allows attackers to exploit CI/CD infrastructure and run arbitrary code.
Information security
fromThe Hacker News
1 day ago

22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters

22 new vulnerabilities in serial-to-IP converters could allow attackers to hijack devices and tamper with data.
Information security
fromComputerWeekly.com
1 day ago

M&S one year on: turning anticipation into secure by design | Computer Weekly

Retailers must prioritize preparedness for cyber attacks, focusing on third-party risk and continuous visibility across their supply chains.
fromAxios
1 day ago

Scoop: Top U.S. cyber agency doesn't have access to Anthropic's powerful hacking model

Anthropic decided against a public release of Mythos due to its unprecedented ability to quickly discover and exploit security vulnerabilities, providing it to more than 40 companies and organizations for testing.
Information security
Information security
fromSecurityWeek
2 days ago

Dozens of Malicious Crypto Apps Land in Apple App Store

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.
Information security
fromSecurityWeek
2 days ago

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

Many internet-facing Perforce P4 servers are misconfigured, exposing sensitive information and allowing unauthorized access.
[ Load more ]