Skip to main content
← All Tags

Cybersecurity

624 articles in this category (Page 12 of 26)

AI NewsCybersecurityBrowser Security

Malicious Chrome Extensions Target Workday & NetSuite for Account Takeover

Five rogue Chrome extensions impersonating legitimate platforms like Workday and NetSuite have been discovered, resulting in stolen cookies and compromised admin controls.

Read more
AI NewsCybersecurityMalware

GootLoader Malware Employs 500-1,000 Concatenated ZIP Archives for Evasion

GootLoader malware utilizes malformed ZIP archives containing 500–1,000 concatenated files to bypass detection by tools like WinRAR.

Read more
AI NewsCybersecurityThreat Intelligence

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

China-linked attackers deployed the LOTUSLITE backdoor against U.S. government targets via Venezuela-themed phishing, highlighting continued reliance on DLL side-loading.

Read more
AI NewsCybersecurityVulnerability Management

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

A critical command injection vulnerability (CVE-2025-64155) in FortiSIEM is being actively exploited, allowing unauthenticated attackers remote code execution.

Read more
AI NewsCybersecurityFraud

Microsoft Disrupts RedVDS Cybercrime Service Linked to $40 Million in Fraud

Microsoft successfully disrupted RedVDS, a crimeware subscription service enabling phishing and BEC fraud, resulting in approximately $40 million in U.S. losses and impacting 191,000 organizations.

Read more
AI NewsCybersecurityAI Risk

Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

AI security risks are shifting from models to workflows, highlighted by data theft from 900,000 users via malicious extensions and prompt injection attacks.

Read more
AI NewsCybersecurityNetwork Security

Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login

Palo Alto Networks patched CVE-2026-0227, a critical GlobalProtect vulnerability allowing unauthenticated DoS attacks that force firewalls into maintenance mode.

Read more
AI NewsCybersecuritySpyware

Predator Spyware Sample Indicates 'Vendor-Controlled' C2

Jamf research reveals Predator spyware reports deployment errors to its C2, suggesting Intellexa has greater control than previously acknowledged.

Read more
AI NewsCybersecurityPrompt Injection

Reprompt Attack Enables Single-Click Data Exfiltration From Microsoft Copilot

Researchers revealed a Reprompt attack allowing single-click data exfiltration from Microsoft Copilot, bypassing enterprise security controls.

Read more
AI NewsCybersecurityThreat Intelligence

AI-Powered Voice Cloning Bypass and Telecom Security Concerns Dominate This Week’s Threats

This week’s security bulletin highlights a new AI voice cloning evasion technique, a $26M crypto hack, and increased scrutiny of telecom security practices.

Read more
AI NewsCybersecurityVulnerability Management

Vulnerabilities Surge, But Messy Reporting Blurs Picture

A record 48,177 vulnerabilities were assigned CVE identifiers in 2025, driven by expanded reporting and a shift in CVE issuance leadership.

Read more
AI NewsCybersecurityEvent Security

Winter Olympics Could Share Podium With Cyberattackers

The 2026 Milano Cortina Winter Games face threats from hacktivists, ransomware gangs, and nation-state actors seeking to disrupt or exploit the event.

Read more
AI NewsCybersecurityIAM

AI Agents Are Becoming Authorization Bypass Paths

Enterprise AI agents, designed to boost automation, are increasingly creating security risks by bypassing traditional IAM controls and granting access beyond authorized user permissions.

Read more
AI NewsNode.jsCybersecurity

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw (CVE-2025-59466) caused by async_hooks stack crashes, impacting most production apps.

Read more
AI NewsCybersecurityMalware

DLL Side-Loading Exploited in Malware Campaign Delivering Trojans and RATs

A recent campaign leverages a c-ares DLL side-loading vulnerability in a signed GitKraken binary, resulting in the delivery of diverse malware like Agent Tesla and XWorm.

Read more
AI NewsCybersecurityThreat Intelligence

Microsoft Disrupts RedVDS Cybercrime Service, Seizing Key Infrastructure

Microsoft collaborated with law enforcement to disrupt RedVDS, a cybercrime-as-a-service operation responsible for stealing millions, seizing two key domains.

Read more
AI NewsCybersecurityWindows Security

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft’s January 2026 Patch Tuesday addresses 114 Windows vulnerabilities, including an actively exploited Desktop Window Manager flaw added to CISA’s KEV list.

Read more
AI NewsCybersecurityData Privacy

64% of Third-Party Web Applications Access Sensitive Data Unjustifiably

New research reveals 64% of third-party applications on websites access sensitive data without business need, increasing risk for government and education sectors.

Read more
AI NewsCybersecurityMalware

PLUGGYAPE Malware Leverages Signal and WhatsApp to Target Ukrainian Defense

CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, demonstrating a shift towards encrypted messaging app exploitation.

Read more
AI NewsCybersecurityThreat Intelligence

Oceania Sees Rise in Cyberattacks Targeting Retail and Services

A new report reveals that retail and construction sectors in Australia and New Zealand experienced more cyberattacks in 2025 than critical infrastructure.

Read more
AI NewsCybersecurityVulnerability Management

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA added a high-severity Gogs flaw (CVE-2025-8110) to its KEV catalog due to active exploitation leading to remote code execution, with 700 instances already compromised.

Read more
AI NewsCybersecurityRisk Management

CISO Succession Crisis Highlights How Turnover Amplifies Risks

Rapid CISO turnover is a growing problem, with average tenures hovering between 18-26 months and 66% reporting excessive expectations.

Read more
AI NewsCybersecurityM&A

CrowdStrike to Acquire Seraphic Security for $420M to Enhance Browser Security

CrowdStrike will integrate Seraphic Security’s browser protection into its Falcon platform, aiming to secure endpoints, sessions, and cloud applications.

Read more
AI NewsCybersecurityITSM

‘Most Severe AI Vulnerability to Date’ Hits ServiceNow

ServiceNow’s authentication issues allowed potential full platform takeover and access to connected systems, identified as the most severe AI-driven vulnerability uncovered to date.

Read more