OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI
OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing
Information Security Magazine
European Cybersecurity Agency ENISA Seeks Top-Tier Status in CVE Program
1 day 1 hour ago
The EU cybersecurity agency looks to become the third Top-Level Root CVE Numbering Authority, alongside CISA and MITRE
Signed Adware Operation Disables Antivirus Across 23,000 Hosts
1 day 2 hours ago
Huntress uncovers adware deploying AV-killing payloads via signed updates across 23,000 endpoints
Critical Nginx-ui MCP Flaw Actively Exploited in the Wild
1 day 4 hours ago
Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8
AI Companies to Play Bigger Role in CVE Program, Says CISA
1 day 6 hours ago
At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future
Researchers Spot Surge in Brute-Force Attacks from Middle East
1 day 7 hours ago
Barracuda says 88% of brute-force attempts in Q1 were from the region
Microsoft Fixes Two Zero-Days in April Patch Tuesday
1 day 8 hours ago
Microsoft has patched two zero-day flaws and over 160 others
CISOs Urged to Innovate with Talent Retention as Job Satisfaction Declines
2 days 4 hours ago
A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months
Triad Nexus Expands Global Fraud Operations Despite US Sanctions
2 days 5 hours ago
Triad Nexus scales $200m scams, uses infrastructure laundering, localized fraud and US-access blocks
Malicious Chrome Extensions Campaign Exposes User Data
2 days 5 hours ago
108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure
AI Security Institute Advocates Security Best Practices After Mythos Test
2 days 7 hours ago
The AISI has issued its judgement on Anthropic’s Mythos Preview model
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
3 days 2 hours ago
Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
3 days 2 hours ago
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users
FBI Dismantles $20m Phishing Operation W3LL
3 days 6 hours ago
The W3LL phishing kit has been associated with fraud attempts totaling $20m
UK Cyber Security Council Launches Associate Cyber Security Professional Title
3 days 8 hours ago
The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals
Operation Atlantic Seizes $12m in Crypto Losses
3 days 9 hours ago
UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
6 days 5 hours ago
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
6 days 5 hours ago
Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie
STX RAT Targets Finance Sector With Advanced Stealth Tactics
1 week ago
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
1 week ago
Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.66m, after hackers accessed its internal systems
Checked
9 hours 22 minutes ago