Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren't breaking in—they're already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under new names. The real danger isn’t just the breach—it’s not knowing who’s still lurking in your
Published on: May 05, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace
Let’s be honest: if you're one of the first (or the first) security hires at a small or midsize business, chances are you're also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. You’re not running a security department. You are THE security department. You're getting pinged about RFPs in one area, and reviewing phishing alerts in another, all while sifting
Published on: May 05, 2025 | Source:TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
EU privacy watchdog fined TikTok $600 million after a four-year investigation found that data transfers to China put users at risk of spying, in breach of strict EU data privacy rules. The post TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules appeared first on SecurityWeek.
Published on: May 05, 2025 | Source:Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information," Recorded Future Insikt Group said. "TerraLogger, by contrast
Published on: May 05, 2025 | Source:Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The names of the packages are listed below - github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp github[.]com/steelpoor/tlsproxy "Despite appearing legitimate,
Published on: May 03, 2025 | Source:Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future
Published on: May 03, 2025 | Source:U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. Rami Khaled Ahmed of Sana'a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one
Published on: May 03, 2025 | Source:Friday Squid Blogging: Pyjama Squid
The small pyjama squid (Sepioloidea lineolata) produces toxic slime, “a rare example of a poisonous predatory mollusc.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Published on: May 02, 2025 | Source:Amazon, CrowdStrike, Google and Palo Alto Networks claim no change to threat intel sharing under Trump
Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes. The post Amazon, CrowdStrike, Google and Palo Alto Networks claim no change to threat intel sharing under Trump appeared first on CyberScoop.
Published on: May 02, 2025 | Source:UK Retailers Reeling From Likely Ransomware Attacks
A series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.
Published on: May 02, 2025 | Source:What NY's New Security Rules Mean for Finance Firms
According to the New York Department of Financial Services, finance companies operating in New York — even if not based there — must implement a variety of protections against unauthorized access to IT systems.
Published on: May 02, 2025 | Source:Privacy for Agentic AI
Sooner or later, it’s going to happen. AI systems will start acting as agents, doing things on our behalf with some degree of autonomy. I think it’s worth thinking about the security of that now, while its still a nascent idea. In 2019, I joined Inrupt, a company that is commercializing Tim Berners-Lee’s open protocol for distributed data ownership. We are working on a digital wallet that can make use of AI in this...
Published on: May 02, 2025 | Source:Trump administration proposes cutting $491M from CISA budget
A budget summary doesn’t give specific details on which programs it would cut, instead providing a broad outline. The post Trump administration proposes cutting $491M from CISA budget appeared first on CyberScoop.
Published on: May 02, 2025 | Source:Attackers Ramp Up Efforts Targeting Developer Secrets
Software teams need to follow security best practices to eliminate the leak of secrets, as threat actors increase their scanning for configuration and repository files.
Published on: May 02, 2025 | Source:Despite Arrests, Scattered Spider Continues High-Profile Hacking
While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.
Published on: May 02, 2025 | Source:RSAC 2025 wrap-up – Week in security with Tony Anscombe
From the power of collaborative defense to identity security and AI, catch up on the event's key themes and discussions
Published on: May 02, 2025 | Source:Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures
The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on SecurityWeek.
Published on: May 02, 2025 | Source:TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
Ireland's Data Protection Commission (DPC) on Friday fined popular video-sharing platform TikTok 530 million ($601 million) for infringing data protection regulations in the region by transferring European users' data to China. "TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements," the DPC said in a statement. "
Published on: May 02, 2025 | Source:In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down
Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down appeared first on SecurityWeek.
Published on: May 02, 2025 | Source:NCSC Guidance on “Advanced Cryptography”
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation. It’s full of good...
Published on: May 02, 2025 | Source:Nova Scotia Power Says Hackers Stole Customer Information
Nova Scotia Power’s investigation has shown that the recent cyberattack resulted in the theft of some customer information. The post Nova Scotia Power Says Hackers Stole Customer Information appeared first on SecurityWeek.
Published on: May 02, 2025 | Source:How to Automate CVE and Vulnerability Advisory Response with Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike
Published on: May 02, 2025 | Source:RSA Conference 2025 Announcement Summary (Day 3)
Hundreds of companies showcased their products and services this week at the 2025 edition of the RSA Conference in San Francisco. The post RSA Conference 2025 Announcement Summary (Day 3) appeared first on SecurityWeek.
Published on: May 02, 2025 | Source:MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks
The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future's Insikt Group said in a report shared with The Hacker News. "The malware employs sandbox and virtual machine evasion techniques, a domain
Published on: May 02, 2025 | Source:Ukrainian Nefilim Ransomware Affiliate Extradited to US
Ukrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses. The post Ukrainian Nefilim Ransomware Affiliate Extradited to US appeared first on SecurityWeek.
Published on: May 02, 2025 | Source:Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support
A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said. "New users will have several passwordless options for
Published on: May 02, 2025 | Source:xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
A employee at Elon Musk's artificial intelligence company xAIleaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk's companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned.
Published on: May 02, 2025 | Source:Ukrainian extradited to US for alleged Nefilim ransomware attack spree
Federal law enforcement officials accuse Artem Stryzhak, who was arrested in Spain last year, of attacking and extorting multiple companies between 2018 and 2021. The post Ukrainian extradited to US for alleged Nefilim ransomware attack spree appeared first on CyberScoop.
Published on: May 02, 2025 | Source:National Security Council cyber lead wants to ‘normalize’ offensive operations
Alexei Bulazel told an audience at the 2025 RSAC conference that he thinks “there's a lot we could do to increase costs on these actors.” The post National Security Council cyber lead wants to ‘normalize’ offensive operations appeared first on CyberScoop.
Published on: May 01, 2025 | Source:SANS Top 5: Cyber Has Busted Out of the SOC
This year's top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging, and regulatory constraints keeping defenders from fully utilizing AI's capabilities.
Published on: May 01, 2025 | Source:Enterprises Need to Beware of These 5 Threats
A panelist of SANS Institute leaders detailed current threats and provided actionable steps for enterprises to consider.
Published on: May 01, 2025 | Source:Quantum computer threat spurring quiet overhaul of internet security
Cryptography experts said a “Cambrian explosion” of standards is on its way as a response to worries over quantum computers breaking current algorithms. The post Quantum computer threat spurring quiet overhaul of internet security appeared first on CyberScoop.
Published on: May 01, 2025 | Source:Experts Debate Real ID Security Ahead of May 7 Deadline
Real IDs have been in the works since 2005. Are their security standards still rigorous enough in 2025?
Published on: May 01, 2025 | Source:Leaders of 764, global child sextortion group, arrested and charged
The Justice Department accuses two men of running a “network of nihilistic violent extremists” who engaged in and facilitated the grooming, manipulation and extortion of minors. The post Leaders of 764, global child sextortion group, arrested and charged appeared first on CyberScoop.
Published on: May 01, 2025 | Source:Getting Outlook.com Ready for Bulk Email Compliance
Microsoft has set May 5 as the deadline for bulk email compliance. In this Tech Tip, we show how organizations can still make the deadline.
Published on: May 01, 2025 | Source: