Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
AI can help defenders stop nation-state threat actors at machine speed
Cyber defenders say AI technologies are quickly evolving to help stop sophisticated threat groups, including Chinese adversaries, from embedding themselves inside target organizations. The post AI can help defenders stop nation-state threat actors at machine speed appeared first on CyberScoop.
Published on: April 23, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Data Breach at Onsite Mammography Impacts 350,000
Massachusetts medical firm Onsite Mammography discloses data breach impacting the personal information of 350,000 patients. The post Data Breach at Onsite Mammography Impacts 350,000 appeared first on SecurityWeek.
Published on: April 23, 2025 | Source:How fraudsters abuse Google Forms to spread scams
The form and quiz-building tool is a popular vector for social engineering and malware. Hereβs how to stay safe.
Published on: April 23, 2025 | Source:Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.
Published on: April 23, 2025 | Source:Zambia's Updated Cyber Laws Prompt Surveillance Warnings
Critics β which include the US embassy in Zambia β contend the just-signed Cyber Security Act and the Cyber Crime Act allow suppression of dissent and too much concentration of power.
Published on: April 23, 2025 | Source:Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito
Google on Tuesday revealed that it will no longer offer a standalone prompt for third-party cookies in its Chrome browser as part of its Privacy Sandbox initiative. "We've made the decision to maintain our current approach to offering users third-party cookie choice in Chrome, and will not be rolling out a new standalone prompt for third-party cookies," Anthony Chavez, vice president of Privacy
Published on: April 23, 2025 | Source:Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled
The cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn't materialize and less widely touted attack scenarios shot up.
Published on: April 23, 2025 | Source:Verizon discovers spike in ransomware and exploited vulnerabilities
Verizonβs 2025 Data Breach Investigations Report noted a 37% increase in ransomware attacks and a 34% increase in exploited vulnerabilities. The post Verizon discovers spike in ransomware and exploited vulnerabilities appeared first on CyberScoop.
Published on: April 23, 2025 | Source:Outside experts pick up the slack on safety testing on OpenAIβs newest model release
Independent testing by SplxAI found GPT-4.1 was three times more likely than its predecessor to bypass security safeguards and allow intentional misuse The post Outside experts pick up the slack on safety testing on OpenAIβs newest model release appeared first on CyberScoop.
Published on: April 22, 2025 | Source:How Emerging AI Frameworks Drive Business Value and Mitigate Risk
Understanding how multiple AI models speak to each other and deciding which framework to use requires careful evaluation of both the business benefits of advanced AI orchestration and the cybersecurity implications of connecting automated services.
Published on: April 22, 2025 | Source:Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.
Published on: April 22, 2025 | Source:City of Abilene Goes Offline in Wake of Cyberattack
The Texas municipality is following its incident response playbook as it works with a third-party to investigate the scope and scale of the attack.
Published on: April 22, 2025 | Source:3 More Healthcare Orgs Hit by Ransomware Attacks
Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates all suffered apparent or confirmed ransomware attacks this month.
Published on: April 22, 2025 | Source:'Cookie Bite' Entra ID Attack Exposes Microsoft 365
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.
Published on: April 22, 2025 | Source:Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly profit off the compute resources. This involves deploying a malware strain
Published on: April 22, 2025 | Source:Terra Security Automates Penetration Testing With Agentic AI
Agentic AI's appeal is growing as organizations seek more autonomous and hands-off approaches to their security protocols.
Published on: April 22, 2025 | Source:Android Improves Its Security
Android phones will soon reboot themselves after sitting idle for three days. iPhones have had this feature for a while; itβs nice to see Google add it to their phones.
Published on: April 22, 2025 | Source:Cloud Data Security Play Sentra Raises $50 Million Series BΒ
Sentra has now raised north of $100 million for controls technology to keep sensitive data out of misconfigured AI workflows. The post Cloud Data Security Play Sentra Raises $50 Million Series B appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:DataKrypto Launches Homomorphic Encryption Framework to Secure Enterprise AI Models
DataKryptoβs FHEnom for AI combines real-time homomorphic encryption with trusted execution environments to protect enterprise data and models from leakage, exposure, and tampering. The post DataKrypto Launches Homomorphic Encryption Framework to Secure Enterprise AI Models appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:Attackers stick with effective intrusion points, valid credentials and exploits
Infostealers fueled the staying power of identity-based attacks, increasing 84% on a weekly average last year, according to IBM X-Force. The post Attackers stick with effective intrusion points, valid credentials and exploits appeared first on CyberScoop.
Published on: April 22, 2025 | Source:Cyberattack Knocks Texas Cityβs Systems Offline
The city of Abilene, Texas, is scrambling to restore systems that have been taken offline in response to a cyberattack. The post Cyberattack Knocks Texas Cityβs Systems Offline appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. "This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which
Published on: April 22, 2025 | Source:DeepSeek Breach Opens Floodgates to Dark Web
The incident should serve as a critical wake-up call. The stakes are simply too high to treat AI security as an afterthought β especially when the Dark Web stands ready to capitalize on every vulnerability.
Published on: April 22, 2025 | Source:Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding
Hopper has emerged from stealth mode with a solution designed to help organizations manage open source software risk. The post Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:Legacy Google Service Abused in Phishing Attacks
A sophisticated phishing campaign abuses weakness in Google Sites to spoof Google no-reply addresses and bypass protections. The post Legacy Google Service Abused in Phishing Attacks appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks. Keep Awareβs recent State of Browser Security report highlights major concerns security leaders face with employees using the web browser for most of their work.
Published on: April 22, 2025 | Source:Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to note is that this is a valid, signed email β it really was sent from no-reply@google.com," Nick Johnson
Published on: April 22, 2025 | Source:UN Researchers Warn That Asian Scam Operations Are Spreading Across the Rest of the World
Transnational organized crime groups in East and Southeast Asia are spreading their lucrative scam operations across the globe, according to a UN report. The post UN Researchers Warn That Asian Scam Operations Are Spreading Across the Rest of the World appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000
Bell Ambulance and Alabama Ophthalmology Associates have suffered data breaches affecting over 100,000 people after being targeted in ransomware attacks. The post Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 appeared first on SecurityWeek.
Published on: April 22, 2025 | Source:Rebuilding Maritime Cybersecurity Resilience: Charting an America First Course to Secure the U.S. Homeland
While the homeland security discussion has focused on the Southern Border, there is more than 95,000 miles of expansive U.S. coastline and over 360 ports that are the backbone to $5.4 trillion in economic activity and over 10 million jobs. The post Rebuilding Maritime Cybersecurity Resilience: Charting an America First Course to Secure the U.S. Homeland appeared first on CyberScoop.
Published on: April 22, 2025 | Source:Will super-smart AI be attacking us anytime soon?
What practical AI attacks exist today? βMore than zeroβ is the answer β and theyβre getting better.
Published on: April 22, 2025 | Source:Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and United States government clouds to
Published on: April 22, 2025 | Source:Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company," the Symantec Threat Hunter Team said in a new report
Published on: April 22, 2025 | Source:Whistleblower: DOGE Siphoned NLRB Case Data
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk's Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with multiple blocked login attempts from...
Published on: April 22, 2025 | Source:'Fog' Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up more than 100 victims.
Published on: April 21, 2025 | Source: