News

OWASP has updated its Top 10 list of risks for LLMs and GenAI, upgrading several areas and introducing new categories

Aqua Security has observed threat actors using compromised Jupyter servers in a bid to illegally stream sporting events

Entrust claims deepfakes are driving a surge in digital identity fraud

Ransomware groups are targeting weekends and holidays to exploit understaffed security teams in order to get the best chance of a pay day

Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. The […]

Steve Bellovin is retiring. Here’s his retirement talk, reflecting on his career and what the cybersecurity field needs next.

Easterly and her Deputy Director Nitin Natarajan are expected to leave office before President-elect Trump names a new leadership

T-Mobile was hit by Salt Typhoon, a Chinese cyber-espionage group targeting US and global telecom firms

Helldown ransomware has expanded its reach to target Linux and VMware systems, exploiting Zyxel firewall vulnerabilities and exfiltrating data

Palo Alto advised users to patch urgently as the vulnerability is critical and actively exploited in the wild