‘Mythos-ready’ security: CSA urges CISOs to prepare for accelerated AI threats
The Cloud Security Alliance urges CISOs to prepare for 'Mythos', a future class of AI-driven cyber threats that will shrink attack timelines to minute
Kraken extortion attempt highlights the fine line between security research and crime
Cryptocurrency exchange Kraken revealed an extortion attempt after a “researcher” exploited a bug to steal $3M, blurring the line between hacking and
Over 100 Chrome extensions caught stealing user accounts and data
Over 100 malicious Chrome extensions with 1.6M+ downloads were found stealing Google OAuth tokens, enabling full account takeover and ad fraud.
Russia blocks social media platform Bluesky in escalating internet crackdown
Russia has blocked the decentralized social media platform Bluesky, adding it to a state-run blacklist as part of its escalating internet censorship c
OpenAI caught in the crossfire of a North Korea-linked supply chain attack
OpenAI revoked a macOS code signing certificate after it was potentially compromised as part of a sophisticated, North Korea-linked supply chain attac
Invisible threats: Analyzing state-sponsored fiber tapping, Windows rootkits, and the AI arms race
An analysis of this week's top threats, including state-sponsored infrastructure attacks, persistent UEFI rootkits, and a critical PDF zero-day.
Rockstar Games data leaked online following breach at analytics partner
Data allegedly belonging to Rockstar Games has been leaked by the ShinyHunters gang after a breach at third-party analytics vendor Anodot.
Adobe patches critical zero-day that was exploited for months
Adobe has patched a critical zero-day (CVE-2024-34097) in Acrobat and Reader that was actively exploited via malicious PDFs for at least four months.
Claims of LinkedIn browser 'spying' clash with security research findings
Sensational claims of corporate espionage by LinkedIn's browser extension were largely refuted by researchers, who found its data collection served fe
OpenAI rotates security certificates after supply chain attack hits development pipeline
A malicious package impersonating 'axios' was executed in a GitHub Actions workflow, forcing OpenAI to rotate potentially exposed macOS code-signing k
OpenAI issues Mac app update after developer tool hit by supply chain attack
OpenAI released a precautionary update for its macOS app after a developer tool used in its creation pulled a malicious version of a code library.
US and UK cyber leaders assess threat from advanced AI hacking model
New reports from US and UK security experts reveal the offensive cyber capabilities of a test AI model, signaling a new era of AI-driven threats.











