A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. “These exploits have resulted in a collection of related user data from targets in Iraq,” the Microsoft Threat Intelligence team said. “The targets of the attack […]
Category Archives: Uncategorized
The $168 million judgment against NSO Group underscores how citizens put little store in the spyware industry’s justifications for circumventing security — but will it matter? Go to Source Author: Robert Lemos, Contributing Writer
Threat actors are scamming users by advertising legitimate-looking generative AI websites that, when visited, install credential-stealing malware onto the victim’s computer. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
The cybercriminals infected older wireless Internet routers with Anyproxy and 5socks malware in order to reconfigure them — all without the users’ knowledge. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
New research shows China is quickly catching up with the US in AI innovation. Experts weigh in on what it means for cyber defenders. Go to Source Author: Becky Bracken
ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that’s designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by […]
Agentic-native startups threaten to reduce the zero-day problem to just a zero-hour issue. Of course, AI agents will accelerate offensive attacks as well. Go to Source Author: Paul Shomo
What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks—because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It’s not just […]
Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian’s State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an […]
Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. “Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns,” Go to Source […]