Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXSIGINT During World War II
The NSA and GCHQ have jointly published a history of World War II SIGINT: βSecret Messengers: Disseminating SIGINT in the Second World War.β This is the story of the British SLUs (Special Liaison Units) and the American SSOs (Special Security Officers).
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Webinar: What the Next Wave of AI Cyberattacks Will Look Like β And How to Survive
The AI revolution isnβt coming. Itβs already here. From copilots that write our emails to autonomous agents that can take action without us lifting a finger, AI is transforming how we work. But hereβs the uncomfortable truth: Attackers are evolving just as fast. Every leap forward in AI gives bad actors new tools β deepfake scams so real they trick your CFO, bots that can bypass human review,
Fortinet, Ivanti Release August 2025 Security Patches
Fortinet and Ivanti have published new security advisories for their August 2025 Patch Tuesday updates. The post Fortinet, Ivanti Release August 2025 Security Patches appeared first on SecurityWeek.
Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws
Microsoft on Tuesday rolled out fixes for a massive set of 111 security flaws across its software portfolio, including one flaw that has been disclosed as publicly known at the time of the release. Of the 111 vulnerabilities, 16 are rated Critical, 92 are rated Important, two are rated Moderate, and one is rated Low in severity. Forty-four of the vulnerabilities relate to privilege
ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities
August 2025 ICS Patch Tuesday advisories have been published by Siemens, Schneider, Aveva, Honeywell, ABB and Phoenix Contact. The post ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities appeared first on SecurityWeek.
Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East's public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, exhibited tactics mirroring those of advanced persistent threat (APT) groups, such as DLL side-loading, process injection, and the ability
Adobe Patches Over 60 Vulnerabilities Across 13 Products
Adobeβs security updates fix vulnerabilities in Commerce, Substance, InDesign, FrameMaker, Dimension and other products. The post Adobe Patches Over 60 Vulnerabilities Across 13 Products appeared first on SecurityWeek.
Microsoft Patches Over 100 Vulnerabilities
Microsoftβs August 2025 Patch Tuesday updates address critical vulnerabilities in Windows, Office, and Hyper-V. The post Microsoft Patches Over 100 Vulnerabilities appeared first on SecurityWeek.
China Questions Security of AI Chips From NVIDIA, AMD
The US banned the sale of AI chips to China and then backed off. Now, Chinese sources are calling on NVIDIA to prove its AI chips have no backdoors.
Microsoft Patch Tuesday, August 2025 Edition
Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft's most-dire "critical" rating, meaning they could be abused by malware or malcontents to gain remote access to a Windows system with little or no help from users.
Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday
The company's August security update consisted of patches for 111 unique Common Vulnerabilities and Exposures (CVEs).
Microsoft Patch Tuesday follows SharePoint attacks, Exchange server warnings
Despite serious alarm raised by officials, organizations have not applied the patch for Microsoft Exchange servers en masse. The post Microsoft Patch Tuesday follows SharePoint attacks, Exchange server warnings appeared first on CyberScoop.
Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks
New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils backdoor, more than a year after the discovery of the incident. More troubling is the fact that other images have been built on top of these infected base images, effectively propagating the infection further in a transitive manner, Binarly REsearch said in a report shared with The Hacker News. The firmware
Guess what else GPT-5 is bad at? Security
OpenAI and Microsoft have said that GPT-5 is one of their safest and secure models out of the box yet. An AI red-teamer called its performance βterrible.β The post Guess what else GPT-5 is bad at? Security appeared first on CyberScoop.
Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager
Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, with over 780 unique IP addresses participating in the effort. As many as 56 unique IP addresses have been detected over the past 24 hours. All the IP addresses have been
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show. "This latest wave of ShinyHunters-attributed attacks reveals a dramatic shift in tactics, moving beyond the group's previous credential theft and database
Inside the Dark Webβs Access Economy: How Hackers Sell the Keys to Enterprise Networks
Rapid7βs analysis of dark web forums reveals a thriving market where elite hackers sell corporate network access to buyers, turning cybercrime into a streamlined business. The post Inside the Dark Webβs Access Economy: How Hackers Sell the Keys to Enterprise Networks appeared first on SecurityWeek.
Charon Ransomware Emerges With APT-Style Tactics
The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China's state-sponsored actor Earth Baxia.
Supply-chain dependencies: Check your resilience blind spot
Does your business truly understand its dependencies, and how to mitigate the risks posed by an attack on them?
How to Stay a Step Ahead of a Non-Obvious Threat
Securing business logic isn't just a technical requirement β it's a business imperative.
1Kosmos Raises $57 Million for Identity Verification and Authentication Platform
1Kosmos has raised $57 million in Series B funding, which brings the total raised by the company to $72 million. The post 1Kosmos Raises $57 Million for Identity Verification and Authentication Platform appeared first on SecurityWeek.
New βCurly COMradesβ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks. "They repeatedly tried to extract the NTDS database from domain controllers -- the primary repository for user password hashes and authentication data in a Windows network,"
Now Live: CodeSecCon β Where Software Securityβs Next Chapter Unfolds (Virtual Event)
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post Now Live: CodeSecCon β Where Software Securityβs Next Chapter Unfolds (Virtual Event) appeared first on SecurityWeek.
ShinyHunters Tactics Now Mirror Scattered Spider
There's growing evidence that two of arguably the most dangerous cybercrime groups out there are tag-teaming big targets.
SAP Patches Critical S/4HANA Vulnerability
SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities. The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek.
The βIncriminating Videoβ Scam
A few years ago, scammers invented a new phishing email. They would claim to have hacked your computer, turned your webcam on, and videoed you watching porn or having sex. BuzzFeed has an article talking about a βshockingly realisticβ variant, which includes photos of you and your houseβmore specific information. The article contains βsteps you can take to figure out if itβs a scam,β but omits the first and most...
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions
Most security tools canβt see what happens inside the browser, but thatβs where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already use and trust. The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions
How the always-on generation can level up its cybersecurity game
Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think
OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability
The recently patched Erlang/OTP flaw CVE-2025-32433 has been exploited since early May, shortly after its existence came to light. The post OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability appeared first on SecurityWeek.
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors
The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country. The NCSC-NL said it discovered the exploitation of CVE-2025-6543 targeting several critical organizations within the Netherlands, and that investigations are ongoing to determine the
BlackSuit Ransomware Takes an Infrastructure Hit From Law Enforcement
A swarm of US agencies joined with international partners to take down servers and domains and seize more than $1 million associated with BlackSuit (Royal) ransomware operations, a group that has been a chronic, persistent threat against critical infrastructure.
Why cyber modernization requires partners with technical plus acquisition expertise
Navigating the rapid pace of technology within procurement constraints requires experts who understand both and know how to leverage cloud partners. The post Why cyber modernization requires partners with technical plus acquisition expertise appeared first on CyberScoop.
Researchers determine old vulnerabilities pose real-world threat to sensitive data in public clouds
The presentation Monday revises the old Spectre vulnerability in a new scenario, demonstrating thereβs not enough focus on the danger. The post Researchers determine old vulnerabilities pose real-world threat to sensitive data in public clouds appeared first on CyberScoop.
REvil Actor Accuses Russia of Planning 2021 Kaseya Attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack's execution.
Black Hat NOC Expands AI Implementation Across Security Operations
Corelight's James Pope gives Dark Reading an inside look at this year's Black Hat Network Operations Center, detailing security challenges and rising trends β many related to increased AI use.