Lookalike npm Package Hides a Multi-Stage Windows RAT
JFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RAT
Information Security Magazine
OpenAI Expands Daybreak to Help Defenders Patch Flaws
6 hours 15 minutes ago
OpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flaws
Trump Issues Executive Order to Fast-Track Post-Quantum Migration
6 hours 30 minutes ago
All US federal agencies will have to complete their post-quantum cryptography transition by 2031, according to a new Trump Executive Order
GTA 6 Scams Emerge as Pre-Orders Open
7 hours 30 minutes ago
Cybercriminals launch fake GTA 6 pre-order sites offering early access for crypto payments
Scattered Spider Teens Convicted of TfL Cyber-Attack
11 hours 1 minute ago
Two young British men have pleaded guilty to hacking Transport for London as part of a Scattered Spider plot
Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats
12 hours ago
The Five Eyes Alliance has published a rare call to action for organizations facing AI threats
GentleKiller Framework Disables Victims' Security Software
1 day 5 hours ago
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips
1 day 6 hours ago
Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices
Microsoft Attributes Mastra AI Supply Chain Attack to North Korea
1 day 9 hours ago
North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers
Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens
1 day 10 hours ago
At least four cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration
UK Information Commissioner Resigns After Workplace Investigation
1 day 11 hours ago
The UK’s data protection regulator the information commissioner has resigned after his position became “untenable”
NCSC Urges Fortinet Customers to Tackle FortiBleed Fallout
1 day 12 hours ago
The NCSC has released guidance for Fortinet customers impacted by the FortiBleed threat campaign
AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform
4 days 9 hours ago
Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities
Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang
4 days 10 hours ago
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers
Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams
4 days 11 hours ago
Half of cybersecurity leaders lack confidence in detecting threats on Slack, Teams and other non-email platforms, despite growing attacker focus
Fake GitHub Stars and AI Videos Mask a Crypto Clipper
5 days 5 hours ago
A Rust crypto clipper hides behind fake GitHub stars and AI-narrated YouTube videos
ICO Cautions Healthcare Worker After Princess of Wales Incident
5 days 5 hours ago
Hospital insider escapes criminal prosecution after attempting to sell royal’s medical records
Cybercriminals Are Worried About AI Taking Their Jobs Too
5 days 8 hours ago
Analysis of chatter on underground forums by Sophos finds that hackers fear AI could take work away from them
LATAM Infrastructure Hit by Fortinet and Ivanti Exploits
5 days 9 hours ago
CloudSEK maps Operation Escaneo, a campaign hitting Latin American infrastructure via perimeter bugs
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
5 days 11 hours ago
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors
Checked
30 minutes 26 seconds ago