Alleged 764 leader arrested in Arizona, faces life in prison

Federal law enforcement said a leader of 764, a violent extremist group, has been in federal custody since he was arrested in December and faces 29 charges for running a loose-knit collective involved in child exploitation, cyberstalking, kidnapping, animal torture, wire fraud and murder. Baron Cain Martin, 21, of Tucson, Arizona, allegedly joined the child…

Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail

A 43-year-old Ukrainian national allegedly involved in the Conti ransomware group pleaded not guilty in federal court Thursday to cybercrime charges that could land him in prison for up to 25 years, according to court documents. Oleksii Oleksiyovych Lytvynenko, also known as Alexsey Alexseevich Litvinenko, was arrested in Ireland in July 2023, extradited to the…

OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically

OpenAI has announced the launch of an “agentic security researcher” that’s powered by its GPT-5 large language model (LLM) and is programmed to emulate a human expert capable of scanning, understanding, and patching code. Called Aardvark, the artificial intelligence (AI) company said the autonomous agent is designed to help developers and security teams flag and fix…

Cyber’s Role in the Rapid Rise of Digital Authoritarianism

Dark Reading Confidential: Cyber’s Role in the Rapid Rise of Digital Authoritarianism Dark Reading Confidential Episode 11: Enterprise cyber teams are in prime position to push back against our current “Golden Age of Surveillance,” according to our guests Ronald Deibert from Citizen Lab and David Greene from the EFF. Dark Reading Staff, Dark Reading October 31,…

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. “By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security

A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do

https://thehackernews.com/2025/10/a-new-security-layer-for-macos-takes.html A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag that, but in this case, the checks are loose. The app gets access anyway. On another Mac in the same office, file…

OpenAI releases ‘Aardvark’ security and patching model 

A new security-focused AI model released Thursday by OpenAI aims to automate bug hunting, patching and remediation. The model, powered by ChatGPT-5 and given the name Aardvark, has been used internally at OpenAI and among external partners. Currently offered in an invite-only Beta, it’s designed to continuously scan source code repositories to find known vulnerabilities…

Rampant cybercriminal group targets US airlines (CNN)

A notorious cybercriminal group has shifted its attention to the aviation industry, successfully breaching the computer networks of multiple airlines in the United States and Canada this month, according to the FBI and private experts responding to the hacks. The hacking hasn’t affected airline safety, but it has top cyber executives at major airlines across…

Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns

Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service. According to TechCrunch, which first reported the feature, users are being served a new pop-up message asking…

Microsoft security updates address CrowdStrike crash, kill ‘Blue Screen of Death’

https://cyberscoop.com/microsoft-security-updates-kernel-restrictions-downtime/#:~:text=Third%2Dparty%20antivirus%20software%20will,from%20unexpected%20crashes%20or%20disruptions. When a faulty software update from cybersecurity firm CrowdStrike last year caused possibly the largest IT outage in history, Microsoft ended up taking much of the blame. CrowdStrike’s Falcon endpoint detection and response was on millions of Windows devices worldwide, and like most antivirus products that need broad access to different systems to do…

Scattered Spider strikes again? Aviation industry appears to be next target for criminal group

https://cyberscoop.com/scattered-spider-aviation-hawaiian-airlines-cyberattack/ The aviation industry has seemingly become the latest target of Scattered Spider, a sophisticated cybercriminal group that has shifted its focus from retail and insurance companies to airlines in what cybersecurity experts describe as a coordinated campaign against the sector. Hawaiian Airlines disclosed a cybersecurity incident Friday affecting some of its IT systems while…

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

https://thehackernews.com/2025/06/moveit-transfer-faces-increased-threats.html Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems. MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive…

OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. “The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico Paulo

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. “This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control.

Notorious cybercriminal ‘IntelBroker’ arrested in France, awaits extradition to US

https://cyberscoop.com/intelbroker-cybercriminal-kai-west-arrested/#:~:text=Kai%20West%2C%20a%20prolific%20cybercriminal,the%20Justice%20Department%20said%20Wednesday. Kai West, a prolific cybercriminal better known for operating under the moniker “IntelBroker,” was arrested in France earlier this year and faces federal charges for allegedly stealing data from more than 40 organizations during a two-year period, the Justice Department said Wednesday. Federal prosecutors unsealed a four-count indictment charging West, a British national, with…

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

https://thehackernews.com/2025/06/critical-rce-flaws-in-cisco-ise-and-ise.html Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of…

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

https://thehackernews.com/2025/06/iranian-apt35-hackers-targeting-israeli.html An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. “In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to