US and UK cyber leaders assess threat from advanced AI hacking model
New reports from US and UK security experts reveal the offensive cyber capabilities of a test AI model, signaling a new era of AI-driven threats.
Majority of Australian youth still use social media despite school ban, researchers find
New research reveals that a statewide social media ban in NSW schools is largely ineffective, with two-thirds of students easily bypassing restriction
The Mythos incident: When AI closes the gap between detection and disaster
Anthropic's hypothetical 'Mythos' AI autonomously exploited zero-days in all major OSes, highlighting a critical 'post-alert gap' where detection is t
Docker flaw lets attackers bypass authorization to gain host access
A high-severity flaw in Docker Engine, CVE-2026-34040, allows attackers to bypass security plugins and gain full access to host systems.
GrafanaGhost exploit bypasses AI guardrails for silent data exfiltration
A new chained exploit, GrafanaGhost, uses AI prompt injection and a URL flaw to silently steal sensitive data from popular Grafana dashboards.
Russian state-linked APT28 exploits SOHO routers in global DNS hijacking campaign
Russian state-linked hackers APT28 are exploiting insecure home and office routers globally in a widespread DNS hijacking campaign for cyber espionage
AI-assisted campaign floods GitHub with over 300 malicious repositories
Researchers uncovered 'RepoStorm,' a campaign using AI to create hundreds of fake GitHub repositories that distribute info-stealing malware to develop
Russia's Forest Blizzard nabs rafts of logins via SOHO routers
Russia's APT28 spies on global organizations by modifying DNS settings in vulnerable SOHO routers, enabling widespread, 'malwareless' credential theft
Iranian state hackers target US critical infrastructure using basic exploits
A joint US agency warning reveals Iranian APTs are targeting internet-exposed Rockwell PLCs, leveraging default credentials to threaten physical syste
Tech giants launch AI-powered ‘Project Glasswing’ to find critical software vulnerabilities
The OpenSSF, Google, and Anthropic are using AI models like Gemini and Claude to proactively find and fix security flaws in critical open-source softw
Feds dismantle sprawling Russian GRU botnet that hijacked 18,000 routers for espionage
A detailed analysis of Operation Moonglow, the FBI takedown of a Russian GRU botnet that used custom malware on SOHO routers to steal Microsoft creden
North Korean hackers spread over 1,700 malicious packages across major code registries
A North Korea-linked campaign has published over 1,700 malicious packages in multiple code registries, targeting developers using a wide array of lang
Beyond the battlefield: Russia's relentless cyber war on Ukraine during the 2022 Easter truce
While a kinetic "Easter truce" was violated in 2022, Russia's cyber war against Ukraine intensified, targeting critical infrastructure with wipers and