Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXUS Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers
The US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes. The post US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers appeared first on SecurityWeek.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to PrisonΒ
Kingsley Uchelue Utulu has been sentenced to more than 5 years in prison for his role in a scheme that involved hacking, fraud and identity theft. The post Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison appeared first on SecurityWeek.
Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies
President Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders. The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek.
OpenAI Bans ChatGPT Accounts Used by Russian, Iranian, and Chinese Hacker Groups
OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things. "The [Russian-speaking] actor used our models to assist with developing and refining
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to "lib/commonjs/index.js," allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. "Some of the phishing emails were sent from the servers of compromised companies, increasing the chances of a successful attack," Positive Technologies security researcher
Trump cyber executive order takes aim at prior orders, secure software, more
The administration has yet to release the text of the order, instead summarizing it in a fact sheet. The post Trump cyber executive order takes aim at prior orders, secure software, more appeared first on CyberScoop.
Trump cyber executive order takes aim at prior orders, secure software, identity
President Donald Trump signed an executive order Friday that rolls back parts of two executive orders from the Biden and Obama administrations. The post Trump cyber executive order takes aim at prior orders, secure software, identity appeared first on CyberScoop.
Friday Squid Blogging: Squid Run in Southern New England
Southern New England is having the best squid run in years. As usual, you can also use this squid post to talk about the security stories in the news that I havenβt covered.
Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward
Several widespread ClickFix campaigns are underway, bent on delivering malware to business targets, and they represent a new level of phishing sophistication that defenders need to be prepared for, researchers warn.
Hearing on the Federal Government and AI
On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled βThe Federal Government in the Age of Artificial Intelligence.β The other speakers mostly talked about how cool AI wasβand sometimes about how cool their own company wasβbut I was asked by the Democrats to specifically talk about DOGE and the risks of exfiltrating our data from government agencies and feeding it...
F5 Acquires Agentic AI Security Startup Fletch
Agentic AI technology will be integrated into the recently launched F5 Application Delivery and Security Platform.
Docuseries Explores Mental, Physical Hardships of CISOs
During "CISO: The Worst Job I Ever Wanted," several chief information security officers reveal how difficult it is to be in a role that, despite being around for decades, remains undefined.
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. The campaign, according to CloudSEK, has been found to leverage typosquat domains mimicking U.S.-based telecom provider Spectrum. "macOS users are served a
Report on the Malicious Uses of AI
OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report weβve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations and scams. These operations originated in many parts of the world, acted in...
Synthetic Data Is Here to Stay, but How Secure Is It?
Synthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.
Empower Users and Protect Against GenAI Data Loss
When generative AI tools became widely available in late 2022, it wasnβt just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of consumer-first IT innovation before itβfile sharing, cloud storage and collaboration platformsβAI landed in
Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam
India's Central Bureau of Investigation (CBI) has revealed that it has arrested six individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated transnational tech support scam targeting Japanese citizens. The law enforcement agency said it conducted coordinated searches at 19 locations across Delhi, Haryana, and Uttar Pradesh on May 28, 2025, as part of
MSFT-CrowdStrike 'Rosetta Stone' for Naming APTs: Meh?
Microsoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we've been here before.
Cybersecurity M&A Roundup: 42 Deals Announced in May 2025
The number of cybersecurity-related merger and acquisition (M&A) announcements surged in May 2025. The post Cybersecurity M&A Roundup: 42 Deals Announced in May 2025 appeared first on SecurityWeek.
MIND Raises $30 Million for Data Loss Prevention
Data security firm MIND has raised $30 million in Series A funding to expand its R&D and go-to-market teams. The post MIND Raises $30 Million for Data Loss Prevention appeared first on SecurityWeek.
Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEV
Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on just ticking boxes, they need to inhabit the attackerβs mindset. This is where AEV comes in. AEV (Adversarial Exposure Validation) is an advanced
Destructive βPathWiperβ Targeting Ukraineβs Critical Infrastructure
A Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine. The post Destructive βPathWiperβ Targeting Ukraineβs Critical Infrastructure appeared first on SecurityWeek.
Cisco Patches Critical ISE Vulnerability With Public PoC
Cisco has released patches for a critical vulnerability impacting cloud deployments of Identity Services Engine (ISE). The post Cisco Patches Critical ISE Vulnerability With Public PoC appeared first on SecurityWeek.
HPE Patches Critical Vulnerability in StoreOnce
An HPE StoreOnce vulnerability allows attackers to bypass authentication, potentially leading to remote code execution. The post HPE Patches Critical Vulnerability in StoreOnce appeared first on SecurityWeek.
US Offering $10 Million Reward for RedLine Malware Developer
A reward is being offered for Maxim Alexandrovich Rudometov, who is accused of developing and managing the RedLine malware. The post US Offering $10 Million Reward for RedLine Malware Developer appeared first on SecurityWeek.
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. "The attack was instrumented via a legitimate endpoint administration framework, indicating that the attackers likely had access to the administrative console, that was then used to issue malicious commands and deploy PathWiper across
Prep for Layoffs Before They Compromise Security
Mass layoffs create cybersecurity vulnerabilities through dormant accounts and disgruntled employees.
Proxy Services Feast on Ukraineβs IP Address Exodus
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of proxy and anonymity services nested at some of America's largest Internet service providers (ISPs).
SecOps Need to Tackle AI Hallucinations to Improve Accuracy
AI is increasingly embedded into threat detection and response tools, but hallucinations can lead to false positive and inaccurate guidance. The AI-associated risk can't be completely eradicated, but SecOps teams can take steps to at least limit the effects.
SecOps Teams Need to Tackle AI Hallucinations to Improve Accuracy
The risks associated with AI embedded into threat detection and response tools can't be completely eradicated, but SecOps teams can take steps to at least limit the effects.
Gartner: Secure Enterprise Browser Adoption to Hit 25% by 2028
Secure enterprise browsers deliver multi-layered security, including web security, protection against malware on the endpoint, and defense against malicious extensions.
DOJ seizes $7.7M from crypto funds linked to North Koreaβs IT worker scheme
Authorities said they froze and seized the allegedly illegally obtained funds when North Korean nationals attempted to launder money linked to the long-running conspiracy. The post DOJ seizes $7.7M from crypto funds linked to North Koreaβs IT worker scheme appeared first on CyberScoop.
Digital Forensics Firm Cellebrite to Acquire Corellium
Cellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.
'PathWiper' Attack Hits Critical Infrastructure In Ukraine
Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.