Ransomware IAB abuses EDR for stealthy malware execution

An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...

Microsoft investigates Copilot outage affecting users in Europe

Microsoft is working to mitigate an ongoing incident that has been blocking users in Europe from accessing the company's ...

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR ...

Google Chrome adds new security layer for Gemini AI agentic browsing

Google Chrome is introducing a new security architecture designed to protect upcoming agentic AI browsing features powered by ...

FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024

A new report by the Financial Crimes Enforcement Network (FinCEN) shows that ransomware activity peaked in 2023 before ...

Poland arrests Ukrainians utilizing 'advanced' hacking equipment

The police in Poland arrested three Ukrainian nationals for allegedly attempting to damage IT systems in the country using hacking equipment and for obtaining "computer data of particular importance ...

How Agentic BAS AI Turns Threat Headlines Into Defense Strategies

Picus Security explains why relying on LLM-generated attack scripts is risky and how an agentic approach maps real threat ...

Portugal updates cybercrime law to exempt security researchers

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make ...

New wave of VPN login attempts targets Palo Alto GlobalProtect portals

A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity ...

Barts Health NHS discloses data breach after Oracle zero-day hack

Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a ...