A Chinese APT is going where most APTs don’t: deep into the cloud, compromising supply chains and deploying uncommon malware. Go to Source Author: Nate Nelson, Contributing Writer
Category Archives: Uncategorized
A bug in the control board that connects peripheral devices in commonly used Dell laptops allowed malicious access all the way down to the firmware running on the device chip, new research finds. Go to Source Author: Becky Bracken
Music tastes, location information, even encrypted messages — Apple’s servers are gathering a “surprising” amount of personal data through Apple Intelligence, Lumia Security’s Yoav Magid warns in his new analysis. Go to Source Author: Becky Bracken
The operation disrupted countless scams, and authorities seized a significant amount of evidence and recovered nearly $100 million in lost funds. Go to Source Author: Kristina Beek
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The “Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file,” Trellix researcher Sagar Bade said in a technical write-up. “The payload isn’t hidden inside the file content […]
CVE-2025-43300 is the latest zero-day bug used in cyberattacks against “targeted individuals,” which could signify spyware or nation-state hacking. Go to Source Author: Rob Wright
The growing ecosystem of agents, chatbots, and machine credentials that outnumber human users by an order of magnitude is creating a poorly understood but potentially major security issue. Go to Source Author: Michael Morgenstern
Some insurers look to limit payouts to companies that don’t remediate serious vulnerabilities in a timely manner. Unsurprisingly, most companies don’t like those restrictions. Go to Source Author: Robert Lemos, Contributing Writer
AI-assisted security reviews from Anthropic and others could help level up enterprise application security in the era of vibe coding. Go to Source Author: Ericka Chickowski, Contributing Writer
While the furor from CISO prosecutions has died down, worries continue over a lack of liability protections and potential targeting by cybercriminals and hackers for their privileged roles. Go to Source Author: Robert Lemos, Contributing Writer