$ page 13/47

‘Mythos-ready’ security: CSA urges CISOs to prepare for accelerated AI threats

The Cloud Security Alliance urges CISOs to prepare for 'Mythos', a future class of AI-driven cyber threats that will shrink attack timelines to minute

6 min readApr 15

Kraken extortion attempt highlights the fine line between security research and crime

Cryptocurrency exchange Kraken revealed an extortion attempt after a “researcher” exploited a bug to steal $3M, blurring the line between hacking and

6 min readApr 15

Over 100 Chrome extensions caught stealing user accounts and data

Over 100 malicious Chrome extensions with 1.6M+ downloads were found stealing Google OAuth tokens, enabling full account takeover and ad fraud.

5 min readApr 15

Russia blocks social media platform Bluesky in escalating internet crackdown

Russia has blocked the decentralized social media platform Bluesky, adding it to a state-run blacklist as part of its escalating internet censorship c

5 min readApr 15

OpenAI caught in the crossfire of a North Korea-linked supply chain attack

OpenAI revoked a macOS code signing certificate after it was potentially compromised as part of a sophisticated, North Korea-linked supply chain attac

6 min readApr 14

Invisible threats: Analyzing state-sponsored fiber tapping, Windows rootkits, and the AI arms race

An analysis of this week's top threats, including state-sponsored infrastructure attacks, persistent UEFI rootkits, and a critical PDF zero-day.

6 min readApr 14

Rockstar Games data leaked online following breach at analytics partner

Data allegedly belonging to Rockstar Games has been leaked by the ShinyHunters gang after a breach at third-party analytics vendor Anodot.

6 min readApr 14

Adobe patches critical zero-day that was exploited for months

Adobe has patched a critical zero-day (CVE-2024-34097) in Acrobat and Reader that was actively exploited via malicious PDFs for at least four months.

2 min readApr 14

Claims of LinkedIn browser 'spying' clash with security research findings

Sensational claims of corporate espionage by LinkedIn's browser extension were largely refuted by researchers, who found its data collection served fe

2 min readApr 14

OpenAI rotates security certificates after supply chain attack hits development pipeline

A malicious package impersonating 'axios' was executed in a GitHub Actions workflow, forcing OpenAI to rotate potentially exposed macOS code-signing k

2 min readApr 14

OpenAI issues Mac app update after developer tool hit by supply chain attack

OpenAI released a precautionary update for its macOS app after a developer tool used in its creation pulled a malicious version of a code library.

2 min readApr 14

US and UK cyber leaders assess threat from advanced AI hacking model

New reports from US and UK security experts reveal the offensive cyber capabilities of a test AI model, signaling a new era of AI-driven threats.

2 min readApr 14