Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Chinaโs Salt Typhoon Hacked US National Guard
Chinese hacking group Salt Typhoon targeted a National Guard unitโs network and tapped into communications with other units. The post Chinaโs Salt Typhoon Hacked US National Guard appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Deepfakes. Fake Recruiters. Cloned CFOs โ Learn How to Stop AI-Driven Attacks in Real Time
Social engineering attacks have entered a new eraโand theyโre coming fast, smart, and deeply personalized. Itโs no longer just suspicious emails in your spam folder. Todayโs attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They donโt just spoofโthey
Published on: July 16, 2025 | Source:Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser's ANGLE and GPU components. "Insufficient validation of untrusted input in ANGLE and
Published on: July 16, 2025 | Source:New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign "decoy" app that's hosted on the Google Play Store and its evil twin, which is
Published on: July 16, 2025 | Source:Former US Soldier Who Hacked AT&T and Verizon Pleads Guilty
Cameron John Wagenius pleaded guilty to charges related to hacking into US telecommunications companies. The post Former US Soldier Who Hacked AT&T and Verizon Pleads Guilty appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework identified a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an
Published on: July 16, 2025 | Source:Altered Telegram App Steals Chinese Users' Android Data
Using more than 600 domains, attackers entice Chinese-speaking victims to download a vulnerable Telegram app that is nearly undetectable on older versions of Android.
Published on: July 16, 2025 | Source:Former Army soldier pleads guilty to widespread attack spree linked to AT&T, Snowflake and others
Cameron Wagenius faces a maximum of 27 years in prison. A researcher that helped with the investigation called this โone of the most significant wins in the fight against cybercrime.' The post Former Army soldier pleads guilty to widespread attack spree linked to AT&T, Snowflake and others appeared first on CyberScoop.
Published on: July 15, 2025 | Source:Lessons Learned From McDonald's Big AI Flub
McDonald's hiring platform was using its original default credentials and inadvertently exposed information belonging to possibly millions of job applicants.
Published on: July 15, 2025 | Source:AI Is Reshaping How Attorneys Practice Law
Experts recommend enhanced AI literacy, training around the ethics of using AI, and verification protocols to maintain credibility in an increasingly AI-influenced courtroom.
Published on: July 15, 2025 | Source:AsyncRAT Spawns Concerning Labyrinth of Forks
Since surfacing on GitHub in 2019, AsyncRAT has become a poster child for how open source malware can democratize cybercrime, with a mazelike footprint of variants available across the spectrum of functionality.
Published on: July 15, 2025 | Source:Waltz brushes off SignalGate questions, points finger at CISAย
In congressional testimony, President Trumpโs former national security adviser said his use of Signal to coordinate military operations was โdriven byโ cybersecurity guidance from CISA. The post Waltz brushes off SignalGate questions, points finger at CISA appeared first on CyberScoop.
Published on: July 15, 2025 | Source:AsyncRAT seeds family of more than 30 remote access trojans
ESET researchers observed tens of thousands of machines infected with AsyncRAT and its variants over the past year. The open-source malware is a popular tool among cybercriminals. The post AsyncRAT seeds family of more than 30 remote access trojans appeared first on CyberScoop.
Published on: July 15, 2025 | Source:Attackers Abuse AWS Cloud to Target Southeast Asian Governments
The intelligence-gathering cyber campaign introduces the novel HazyBeacon backdoor and uses legitimate cloud communication channels for command-and-control (C2) and exfiltration to hide its malicious activities.
Published on: July 15, 2025 | Source:Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors
Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. "Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed," Omer Yoachimik and Jorge Pacheco said. "Cloudflare blocked over 6,500 hyper-volumetric DDoS attacks, an average of 71
Published on: July 15, 2025 | Source:Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was "promoted on the Ramp4u forum by the threat actor known as '$$$,'" EclecticIQ researcher Arda Bรผyรผkkaya said. "The same actor controls
Published on: July 15, 2025 | Source:Virtual Event Preview: Cloud & Data Security Summit โ Tackling Exposed Attack Surfaces in the Cloud
Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security. The post Virtual Event Preview: Cloud & Data Security Summit โ Tackling Exposed Attack Surfaces in the Cloud appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:How Criminal Networks Exploit Insider Vulnerabilities
Criminal networks are adapting quickly, and they're betting that companies won't keep pace. Let's prove them wrong.
Published on: July 15, 2025 | Source:MITRE Launches AADAPT Framework for Financial Systems
The new framework is modeled after and meant to complement the MITRE ATT&CK framework, and it is aimed at detecting and responding to cyberattacks on cryptocurrency assets and other financial targets.
Published on: July 15, 2025 | Source:DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Totalย
Cloudflare has published its quarterly DDoS threat report for Q2 2025 and the company says it has blocked millions of attacks. The post DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:Data Breach at Debt Settlement Firm Impacts 160,000 People
Pennsylvania-based Century Support Services is disclosing a data breach after its systems were hacked in November 2024. The post Data Breach at Debt Settlement Firm Impacts 160,000 People appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments
Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where "CL" stands for "cluster" and "STA" refers to "state-backed motivation." "The threat actors behind this
Published on: July 15, 2025 | Source:Securing Agentic AI: How to Protect the Invisible Identity Access
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders canโt easily see. These โinvisibleโ non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have
Published on: July 15, 2025 | Source:AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants," ESET
Published on: July 15, 2025 | Source:Unmasking AsyncRAT: Navigating the labyrinth of forks
ESET researchers map out the labyrinthine relationships among the vast hierarchy of AsyncRAT variants
Published on: July 15, 2025 | Source:Zip Security Raises $13.5 Million in Series A Funding
Zip Securityโs Series A funding round led by Ballistic Ventures will help the company grow its engineering and go-to-market teams. The post Zip Security Raises $13.5 Million in Series A Funding appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:Ransomware Group Claims Attack on Belk
DragonForce says it stole more than 150 gigabytes of data from US department store chain Belk in a May cyberattack. The post Ransomware Group Claims Attack on Belk appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks. The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a malware
Published on: July 15, 2025 | Source:MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threatsย
The MITRE AADAPT framework provides documentation for identifying, investigating, and responding to weaknesses in digital asset payments. The post MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:Sesame Workshop Regains Control of Elmoโs Hacked X Account After Racist Posts
The account was compromised over the weekend and Elmoโs 650,000 followers were given antisemitic threats and a reference to the Jeffrey Epstein investigation. The post Sesame Workshop Regains Control of Elmoโs Hacked X Account After Racist Posts appeared first on SecurityWeek.
Published on: July 15, 2025 | Source:DOGE Denizen Marko Elez Leaked API Key for xAI
Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed...
Published on: July 15, 2025 | Source:House passes bill to formalize NTIAโs cyber role following Salt Typhoon attacks
The bipartisan legislation would codify the agencyโs position as the one in charge of coordinating responses to incidents like the breach on U.S. telecoms. The post House passes bill to formalize NTIAโs cyber role following Salt Typhoon attacks appeared first on CyberScoop.
Published on: July 14, 2025 | Source:CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe
The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites. The post CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe appeared first on CyberScoop.
Published on: July 14, 2025 | Source:Web-Inject Campaign Debuts Fresh Interlock RAT Variant
A cyber-threat campaign is using legitimate websites to inject victims with remote access Trojans belonging to the Interlock ransomware group, in order to gain control of devices.
Published on: July 14, 2025 | Source:Why skipping security prompting on Grokโs newest model is a huge mistake
An AI red-teaming company found that xAIโs Grok 4 is โnot suitable for enterprisesโ without substantial security prompting. The post Why skipping security prompting on Grokโs newest model is a huge mistake appeared first on CyberScoop.
Published on: July 14, 2025 | Source: