Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXIran-Linked Hackers Target Europe With New Malware
"Nimbus Manticore" is back at it, this time with improved variants of its flagship malware and targets that are outside its usual focus area.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques
AT&Tβs chief information security officer said attackers are going where traditional defenses are less commonly employed. The post Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques appeared first on CyberScoop.
Attackers Use Phony GitHub Pages to Deliver Mac Malware
Threat actors are using a large-scale SEO poisoning campaign and fake GitHub repositories to deliver Atomic infostealers to Mac users.
Las Vegas police arrest minor accused of high-profile 2023 casino attacks
Officials accused the teenage boy of working with Scattered Spider, which attacked MGM Resorts and Caesars Entertainment in 2023. The post Las Vegas police arrest minor accused of high-profile 2023 casino attacks appeared first on CyberScoop.
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade sectors, cybersecurity company F6 said in an analysis published last week. The attack chain involves
Airport Chaos Shows Human Impact of 3rd-Party Attacks
Major EU airports such as Heathrow were disrupted over the weekend after a cyberattack hit the provider of check-in kiosk software, which caused delays and flight cancellations.
15 Years of Zero Trust: Why It Matters More Than Ever
With the emergence of AI-driven attacks and quantum computing, and the explosion of hyperconnected devices, zero trust remains a core strategy for security operations.
Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform
The Canada-based company has emerged from stealth with autonomous AI agents designed to manage and operate the security and IT stack. The post Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform appeared first on SecurityWeek.
Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud
L1TF Reloaded is a vulnerability combining the old L1TF and half-Spectre hardware flaws to bypass deployed software mitigations. The post Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud appeared first on SecurityWeek.
European Airport Disruptions Caused by Ransomware Attack
Collins Aerospace is reportedly having difficulties recovering from the ransomware attack. The post European Airport Disruptions Caused by Ransomware Attack appeared first on SecurityWeek.
β‘ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More
The security landscape now moves at a pace no patch cycle can match. Attackers arenβt waiting for quarterly updates or monthly fixesβthey adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrowβs breach. This weekβs recap explores the trends driving that constant churn: how threat
HoundBytes Launches Automated Security Analyst
The Romania-based company has launched WorkHorse and is preparing for a funding round to accelerate growth. The post HoundBytes Launches Automated Security Analyst appeared first on SecurityWeek.
Details About Chinese Surveillance and Propaganda Companies
Details from leaked documents: While people often look at Chinaβs Great Firewall as a single, all-powerful government system unique to China, the actual process of developing and maintaining it works the same way as surveillance technology in the West. Geedge collaborates with academic institutions on research and development, adapts its business strategy to fit different clientsβ needs, and even repurposes leftover...
How to Gain Control of AI Agents and Non-Human Identities
We hear this a lot: βWeβve got hundreds of service accounts and AI agents running in the background. We didnβt create most of them. We donβt know who owns them. How are we supposed to secure them?β Every enterprise today runs on more than users. Behind the scenes, thousands of non-human identities, from service accounts to API tokens to AI agents, access systems, move data, and execute tasks
Cyber threat information law hurtles toward expiration, with poor prospects for renewal
Short-term and long-term extensions alike for the 2015 Cybersecurity Information Sharing Act have fallen by the wayside despite industry and Trump administration advocacy. The post Cyber threat information law hurtles toward expiration, with poor prospects for renewal appeared first on CyberScoop.
Widespread Infostealer Campaign Targeting macOS Users
Threat actors rely on malicious GitHub repositories to infect LastPassβs macOS users with the Atomic infostealer. The post Widespread Infostealer Campaign Targeting macOS Users appeared first on SecurityWeek.
FBI Warns of Spoofed IC3 Website
Threat actors likely spoofed the official government website for personal information theft and monetary fraudulent activity. The post FBI Warns of Spoofed IC3 Website appeared first on SecurityWeek.
Why federal IT leaders must act now to deliver NISTβs post-quantum cryptography transition
The NIST standards show that with one year of progress behind us, there are five years of opportunity ahead. The post Why federal IT leaders must act now to deliver NISTβs post-quantum cryptography transition appeared first on CyberScoop.
Fortra Patches Critical GoAnywhere MFT Vulnerability
Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection. The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek.
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no
Airport Cyberattack Disrupts More Flights Across Europe
The cyberattack affected software of Collins Aerospace, whose systems help passengers check in, print boarding passes and bag tags, and dispatch their luggage. The post Airport Cyberattack Disrupts More Flights Across Europe appeared first on SecurityWeek.
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People's Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer
LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. "In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware," researchers Alex Cox, Mike Kosak, and
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware that bakes in Large Language Model (LLM) capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of LLMs, the cybersecurity company said
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent
Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT's Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed by OpenAI in early August. "The attack
Friday Squid Blogging: Giant Squid vs. Blue Whale
A comparison aimed at kids.
Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service
The vendor didnβt provide evidence of active exploitation, yet experts said itβs only a matter of time before that changes. The post Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service appeared first on CyberScoop.
Patch Now: Max-Severity Fortra GoAnywhere Bug Allows Command Injection
Exploitation of the flaw, tracked as CVE-2025-10035, is highly dependent on whether systems are exposed to the Internet, according to Fortra.
Capture the Flag Competition Leads to Cybersecurity Career
As Splunk celebrates the 10th anniversary of Boss of the SOC competition, it continues to be a valuable platform for security professionals to test their skills, learn new techniques, and potentially advance their careers in cybersecurity.
Capture-the-Flag Competition Leads to Cybersecurity Career
As Splunk celebrates the 10th anniversary of Boss of the SOC competition, it continues to be a valuable platform for security professionals to test their skills, learn new techniques, and potentially advance their careers.
Zero Trust: Strengths and Limitations in the AI Attack Era
Zero Trust could help organizations fight back against attackers who use artificial intelligence, but new threats will require the architecture to evolve.
'ShadowLeak' ChatGPT Attack Allows Hackers to Invisibly Steal Emails
The loophole allows cyberattackers to exfiltrate company data via OpenAI's infrastructure, leaving no trace at all on enterprise systems.
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic
Trump administration planning expansion of U.S. quantum strategy
Multiple sources tell CyberScoop that options under consideration include executive orders or a national action plan, similar to the one the administration released for AI in July. The post Trump administration planning expansion of U.S. quantum strategy appeared first on CyberScoop.
In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeekβs Coding Bias
Noteworthy stories that might have slipped under the radar: Eve Security seed funding, Claroty report, patches from WatchGuard and Nokia. The post In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeekβs Coding Bias appeared first on SecurityWeek.