Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats
How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage—all without
Published on: April 30, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
WhatsApp Case Against NSO Group Progressing
Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. We have a procedural ruling: Under the order, NSO Group is prohibited from presenting evidence about its customers’ identities, implying the targeted WhatsApp users are suspected or actual criminals, or alleging that WhatsApp had insufficient security protections. […] In making her ruling, Northern District of...
Published on: April 30, 2025 | Source:Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. "Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and
Published on: April 30, 2025 | Source:Meta Releases Llama AI Open Source Protection Tools
Meta has released new Llama protection tools to help the open source AI community build more secure applications. The post Meta Releases Llama AI Open Source Protection Tools appeared first on SecurityWeek.
Published on: April 30, 2025 | Source:Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About
Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen
Published on: April 30, 2025 | Source:Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks
Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom "employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging
Published on: April 30, 2025 | Source:RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that "disclosures on its DLS [data leak site] have doubled since
Published on: April 30, 2025 | Source:France Blames Russia for Cyberattacks on Dozen Entities
France says the Russian state-sponsored group APT28 is responsible for targeting or compromising a dozen French entities. The post France Blames Russia for Cyberattacks on Dozen Entities appeared first on SecurityWeek.
Published on: April 30, 2025 | Source:TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks
ESET researchers analyzed Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks
Published on: April 30, 2025 | Source:AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover
Vulnerabilities in Apple’s AirPlay protocol could have allowed attackers to execute code remotely without user interaction. The post AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover appeared first on SecurityWeek.
Published on: April 30, 2025 | Source:Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities
Chrome 136 and Firefox 138 were released in the stable channel with patches for multiple high-severity vulnerabilities. The post Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Published on: April 30, 2025 | Source:Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code
Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield. PromptGuard 2 is designed to detect direct
Published on: April 30, 2025 | Source:DARPA believes AI Cyber Challenge could upend patching as the industry knows it
Federal research leaders suggested Tuesday that AI could lead industries to “nearly eliminate software vulnerabilities” in critical infrastructure. The post DARPA believes AI Cyber Challenge could upend patching as the industry knows it appeared first on CyberScoop.
Published on: April 30, 2025 | Source:Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations
A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd in January 2025. The complaint alleged its staff had received e-mails containing obscene, abusive
Published on: April 30, 2025 | Source:DHS Secretary Noem: CISA needs to get back to ‘core mission’
In an appearance at the 2025 RSAC Conference, the Homeland Security secretary said the cyber agency was too focused on being the “Ministry of Truth” under the previous administration. The post DHS Secretary Noem: CISA needs to get back to ‘core mission’ appeared first on CyberScoop.
Published on: April 30, 2025 | Source:Cyber experts, Democrats urge Trump administration not to break up cyber coordination in State reorg
Splitting up the Cyberspace and Digital Policy bureau undercuts efforts to streamline cyber efforts at the department and undermines coordination in the U.S. and abroad, critics of the plan argue. The post Cyber experts, Democrats urge Trump administration not to break up cyber coordination in State reorg appeared first on CyberScoop.
Published on: April 29, 2025 | Source:Many Fuel Tank Monitoring Systems Vulnerable to Disruption
Thousands of automatic tank gauge (ATG) devices are accessible over the Internet and are just "a packet away" from compromise, security researcher warns at 2025 RSAC Conference.
Published on: April 29, 2025 | Source:Amazon, CrowdStrike leaders say private threat intel can quickly bring cybercriminals to justice
Threat intel experts expounded on how their data does not only serve to temporarily disrupt malicious activity, but find, arrest and convict cybercriminals for their offenses. The post Amazon, CrowdStrike leaders say private threat intel can quickly bring cybercriminals to justice appeared first on CyberScoop.
Published on: April 29, 2025 | Source:From Mission-Centric to People-Centric: Competitive Leadership in Cyber
Making a case for empathy in cyber-leadership roles as a strategic business advantage.
Published on: April 29, 2025 | Source:Hacking in Space: Not as Tough as You Might Think
Barbara Grofe, space asset security architect at Spartan Corp, discussed the realities of hacking in space, and the outlook is not pie-in-the-sky.
Published on: April 29, 2025 | Source:WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy
Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence (AI) capabilities in a privacy-preserving manner. "Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or editing help – while preserving WhatsApp's core privacy promise," the Meta-owned service said in a
Published on: April 29, 2025 | Source:New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which can then be adapted into a second scenario within the first one where there exists no safety
Published on: April 29, 2025 | Source:How do You Know if You’re Ready for a Red Team Partnership?
Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready. The post How do You Know if You’re Ready for a Red Team Partnership? appeared first on SecurityWeek.
Published on: April 29, 2025 | Source:How Do You Know If You’re Ready for a Red Team Partnership?
Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready. The post How Do You Know If You’re Ready for a Red Team Partnership? appeared first on SecurityWeek.
Published on: April 29, 2025 | Source:SentinelOne’s Purple AI Athena Brings Autonomous Decision-Making to the SOC
Athena marks a major leap in SOC automation, enabling real-time detection, triage, and remediation with minimal human oversight. The post SentinelOne’s Purple AI Athena Brings Autonomous Decision-Making to the SOC appeared first on SecurityWeek.
Published on: April 29, 2025 | Source:US Critical Infrastructure Still Struggles With OT Security
How does a company defend itself from cyberattacks by a foreign adversary? A collection of experts gathered at this year's RSAC Conference to explain how the US can help.
Published on: April 29, 2025 | Source:China’s Secret Weapon? How EV Batteries Could Be Weaponized to Disrupt America
As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of influence, espionage, and disruption. The post China’s Secret Weapon? How EV Batteries Could Be Weaponized to Disrupt America appeared first on SecurityWeek.
Published on: April 29, 2025 | Source:China’s Secret Weapon? How EV Batteries Could be Weaponized to Disrupt America
As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of influence, espionage, and disruption. The post China’s Secret Weapon? How EV Batteries Could be Weaponized to Disrupt America appeared first on SecurityWeek.
Published on: April 29, 2025 | Source:House passes legislation to criminalize nonconsensual deepfakes
The Take It Down Act received rare levels of bipartisan support in the House and Senate, but critics fear enforcement could threaten First Amendment protections and unduly burden smaller companies and encrypted applications. The post House passes legislation to criminalize nonconsensual deepfakes appeared first on CyberScoop.
Published on: April 29, 2025 | Source:Risks of Using AI Models Developed by Competing Nations
The current offline/open source model boom is unstoppable. Its impact depends on how well the risks are managed today.
Published on: April 29, 2025 | Source:Windows Backdoor Targets Members of Exiled Uyghur Community
A spear-phishing campaign sent Trojanized versions of legitimate word-processing software to members of the World Uyghur Congress as part of China's continued cyber-espionage activity against the ethnic minority.
Published on: April 29, 2025 | Source:SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. "We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees," security
Published on: April 29, 2025 | Source:Pistachio Raises $7 Million for Cybersecurity Training Platform
Cybersecurity awareness training platform Pistachio has raised $7 million in a Series A funding round led by Walter Ventures. The post Pistachio Raises $7 Million for Cybersecurity Training Platform appeared first on SecurityWeek.
Published on: April 29, 2025 | Source:NVIDIA's New AI Security Offering Protects Against Software Landmines
NVIDIA's DOCA Argus prevents attacks before they compromise AI architectures.
Published on: April 29, 2025 | Source:LayerX Raises $11 Million for Browser Security Solution
Browser security firm LayerX has raised $11 million in a Series A funding round extension led by Jump Capital. The post LayerX Raises $11 Million for Browser Security Solution appeared first on SecurityWeek.
Published on: April 29, 2025 | Source: