Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod is just a public beta now - meanwhile som
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system. It does not have a CVE identifier
India's data-protection framework offers some guardrails but leaves wide room for interpretation in how those rules apply to AI training.
A newly discovered Android banking trojan known as OverlayPhantom is raising concerns among cybersecurity researchers after evidence revealed that the malware is actively targeting banking, financial, and cryptocurrency users across multiple Western countries. The malware campaign, uncovered by Cyb
A new malware campaign is targeting content creators, gamers, and AI enthusiasts by disguising itself as popular software tools like ChatGPT and Claude. The attackers are spreading a dangerous backdoor called DinDoor through fake installers hosted on trusted platforms, catching many users completely
A powerful phishing kit known as Tycoon 2FA has been making waves across the cybersecurity world since it first appeared in August 2023. The kit operates as a Phishing-as-a-Service (PhaaS) platform, meaning cybercriminals can rent and deploy it without building anything from scratch. Its primary goa
As the 2026 FIFA World Cup draws closer, cybercriminals are moving fast to cash in on the excitement. Researchers have uncovered a massive fraud operation targeting fans of the world’s biggest football tournament, with over 300 fake domains already live. The operation is sophisticated, well-funded,
Novee researchers discovered an account takeover vulnerability in the open source CFP management tool Pretalx. The post Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate appeared first on SecurityWeek.
The speech is the latest in a string of warnings from intelligence experts that Russia is stepping up hostile activity in a “gray zone” that falls just below the threshold of war. The post UK Cyberspying Chief Calls AI ‘an Unstoppable Force’ and Warns About Russia appeared first on SecurityWeek.
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. [...]
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging delivery technique extends social engineering beyond conventional search results and increases the visibi
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulate r
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by Anthropi
India's cybersecurity challenge is shifting from deployment to operations. Most read. 01. Temus launches AI Foundry in Singapore to scale deployment ...
Taiwan’s digital security authorities have identified five major areas of concern following hundreds of reported cybersecurity incidents involving government agencies in 2025. According to Taiwan’s Ministry of Digital Affairs, the country recorded 726 cybersecurity incidents this year, highlighting
By Sharat Sinha, CEO, Airtel Business The world has entered an era where more than 20 billion connected devices generate continuous digital exhaust. In this hyperconnected environment, AI-native cybersecurity is emerging as a critical foundation for protecting digital ecosystems. Every transaction,
A new ransomware threat is making waves across dozens of industries and countries, using a surprisingly simple but effective approach to break into systems and lock victims out of their own data. NightSpire, first identified in early 2025, has already shown it is willing to cast a wide net, hitting
A newly discovered Linux malware known as Quasar Linux, or QLNX, is actively targeting software developers and DevOps engineers with a level of sophistication rarely seen in Linux-focused threats. Unlike most malware that relies on files stored on disk, QLNX runs almost entirely in memory, making it
You already know the feeling.The shift starts, and the queue is already full. Somewhere in that pile of hundreds of alerts is the one that actually matters — the lateral movement no one caught, the C2 beacon hiding behind a legitimate-looking domain, the first whisper of a ransomware chain. Your job
Notable integrations include CrowdStrike, Palo Alto Networks, Microsoft, Okta, Zscaler, Netskope, Cloudflare, Fortinet, and Wiz. The post Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations appeared first on SecurityWeek.