$ page 30/47

Bearlyfy hits Russian firms with custom GenieLocker ransomware

A pro-Ukrainian group, Bearlyfy, has launched over 70 attacks on Russian firms using GenieLocker, a custom ransomware designed for maximum disruption.

6 min readApr 1

Telegram's zero-click scare: A tale of two vulnerabilities

A critical Telegram Desktop flaw was patched a month before a separate, unverified claim caused widespread confusion. We unravel the details of what r

5 min readApr 1

How AI coding tools crushed the endpoint security fortress

A researcher's DEF CON presentation reveals how AI assistants can generate endless polymorphic malware, bypassing traditional signature-based EDR and

5 min readApr 1

FCC enforces ban on high-risk foreign network equipment, citing national security

The FCC is not banning all foreign routers, but enforcing a targeted ban on new equipment from high-risk firms like Huawei and ZTE to mitigate nationa

6 min readApr 1

From Trivy to broad OSS compromise: TeamPCP hits Docker Hub, VS Code, and PyPI

A deep dive into the threat actor TeamPCP, their claims of a broad OSS supply chain compromise, and how to defend your development pipeline.

6 min readApr 1

European Commission investigating breach after Amazon cloud hack

The EU's executive body is investigating a breach of its AWS infrastructure, raising serious questions about cloud security for high-profile governmen

6 min readApr 1

AI in the SOC: what could go wrong?

Two cybersecurity leaders tested AI in their SOCs for six months. Their findings reveal the promise and peril, from AI 'hallucinations' to new skill d

6 min readApr 1

Weekly recap: Telecom sleeper cells, LLM jailbreaks, and Apple's forced U.K. age checks

This week saw quiet but significant moves: state-sponsored threats burrow deeper into telecom networks, AI models face new jailbreaks, and Apple confr

6 min readApr 1

Axios NPM package compromised in targeted supply chain attack

The popular Axios NPM package was briefly compromised in a targeted supply chain attack designed to steal AWS credentials, highlighting ongoing securi

6 min readApr 1

Vertex AI vulnerability exposes Google Cloud data and private artifacts

A security blind spot in Google's Vertex AI lets attackers weaponize AI agents to bypass user permissions and steal sensitive cloud data via misconfig

6 min readApr 1

A weaponized gaze: How Israel allegedly turned Iran's own surveillance cameras into a targeting tool

Iran's vast surveillance network, meant for dissent control, was allegedly compromised by Israel and used in the assassination of a top nuclear scient

5 min readApr 1

BlueDelta’s persistent campaign against UKR.NET

Recorded Future links BlueDelta to a persistent phishing campaign targeting UKR.NET users, with broad espionage implications for Ukraine.

8 min readMar 23