News

America’s lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live session cookies from 14 browsers, 16 cryptocurrency wallets, and more

The third of three former ransomware negotiators accused of assisting the ALPHV/BlackCat ransomware gang in extorting US businesses has pleaded guilty, months after his two

Vercel’s CEO reckons the crooks behind its recent breach likely had a helping hand from AI, saying the attackers moved with “surprising velocity” and a

A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted screenshots of what they claimed was company video surveillance

London’s Metropolitan Police is trialing new retail technology to help curtail the city’s pervasive shoplifting problem… and it doesn’t rely on live facial recognition (LFR).

UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims

Japanese industrial giant Panasonic has created a new form of QR code it says will only work on designated devices and environments. The company revealed

Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining

Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other users’ sensitive info, including

One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic’s Claude Desktop for macOS installs files that affect

A Scottish man linked to the Scattered Spider cybercrime crew has pleaded guilty in the US to a phishing and SIM-swap scheme that stole at

Microsoft has pushed out an out-of-band update to address the restart loop that hit some Windows Server devices after its April update. The fix will

In March 2024, an affiliate of the BlackCat ransomware gang took to a cybercrime forum with a complaint. They’d carried out the attack on Change

Vercel, the company that created the open source Next.js web development framework, has a data leak that led to compromise of some customer credentials, and

kettle It’s a week of the year, which means there’s been the discovery of yet another prompt injection attack that will force supposedly well-guarded AI

OPINION AI vendors: “You need to use AI to fight AI threats (and do everything else in your corporate IT environment).” Also AI vendors: “That’s

CISA is sounding the alarm on a newly-exploited Apache ActiveMQ bug, ordering federal agencies to patch within two weeks as attackers circle a flaw that’s