News
Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
18+ hour, 44+ min ago (641+ words) Threat actors are moving away from spray-n-pray phishing attacks in favor of campaigns that can automatically adapt to a target's device and operating system. "One method of detection that is appearing more often is the use of Cloudflare user-agent blocking,…...
Vulnerabilities Expose Private Data in Indian Government Systems
2+ day, 18+ hour ago (866+ words) One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal. An independent security researcher identified 14 vulnerabilities affecting Indian government IT systems, which put an array of citizen…...
Third-Party Breaches Teach Schools a Costly Lesson in Vendor Risk
5+ day, 1+ hour ago (898+ words) Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know. Rising threats from third-party actors are forcing institutions to play defense to protect student data from ransomware and other attacks. Cybercriminals have long viewed the education sector,…...
AI Won't Wipe-Out Entry-Level Cybersecurity Jobs
5+ day, 23+ hour ago (574+ words) Instead of eliminating jobs for early-career cyber pros, AI is creating new opportunities for candidates with strong human decision-making skills. Related: Meeting Trump's 2030 Quantum Deadline Will be Expensive, Complex The burning question everyone has lately is: Are entry-level cybersecurity roles…...
Europe Evolves Into Ransomware's Favorite Region
1+ week, 5+ hour ago (811+ words) Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific After a global lull, ransomware gangs are setting sights on a rich new arena:…...
Developer Machines And Supply Chain Security Risk
2+ week, 1+ day ago (759+ words) Compromised packages and tools now lead to credential theft. Securing developer identities is essential to limiting supply chain attacks. Here's how. Supply chain attacks are evolving faster than defenders can respond with one-off controls. Every week brings another variation of…...
Russian Attackers Weaponize Win RAR Flaw Against Ukraine
3+ week, 1+ day ago (875+ words) Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine. At least two Russia-aligned threat clusters have exploited a high-severity'Win RAR'flaw that has been patched for nearly a year…...
Exposed Fuel Tank Gauges Under Attack in the US
3+ week, 5+ day ago (712+ words) Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption. Cyberattackers are targeting Internet-exposed automatic tank gauge (ATG) systems in the United States, and the feds are urging site owners to take…...
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
4+ week, 1+ day ago (355+ words) Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing. The operators of Kali365, a phishing-as-a-service platform that drew considerable attention for helping attackers bypass multifactor authentication (MFA) on Microsoft…...
'The Com' Cyberattacks Support Violence & Sexploitation
1+ mon, 4+ day ago (526+ words) Your organization's security failures have consequences for everyone else too, since this neo-Nazi-infested criminal gang uses its cyber winnings to support more violent and widespread crimes. The Com is a diffuse ecosystem of neo-Nazis, pedophiles, neo-Nazi pedophiles, the odd high-ranking…...