Attack & News

Latest cybersecurity news, threat reports, and attack campaigns

All Feeds Attack & News Gov Alerts / ISAC Vulnerability Alerts Privacy & Governance Fraud & Scams

519 articles

NEWSThe Register7 days ago

All the passwords were stored in Active Directory description fields

It was far too easy for a hacker to get the information

NEWSThe Register7 days ago

Commvault says it's time to rethink resiliency as AI crooks leave victims in a 'dark, dead' state

Those backup plans need backup testing

NEWSThe Register7 days ago

Bend the beam like Beckham to defeat anti-jamming tech

It's hard to stop a signal jammer if you can't locate the source, say Rice University researchers

NEWSThe Hacker News7 days ago

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voic…

NEWSWired Security7 days ago

xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity

Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal yo…

NEWScriticalSecurity Magazine7 days ago

Only 9% of Organizations Patch Critical Vulnerabilities in 24 Hours

Only 9% remediate high-severity flaws in production within 24 hours; 74% do so in one to seven days.

NEWSThe Hacker News7 days ago

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to s…

NEWShighThe Hacker News7 days ago

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the…

NEWShighThe Hacker News7 days ago

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warme…

NEWSThe Hacker News7 days ago

Google DoubleClick Abused in New Malspam Campaign to Deliver .NET Loader

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade dete…

NEWSSecurity Magazine7 days ago

OpenAI and CEO Sam Altman Accused of Prioritizing Profit Over Safety in Lawsuit

Florida has sued OpenAI and CEO Sam Altman, claiming they place the profits over safety.

NEWScriticalThe Hacker News7 days ago

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stop…

NEWSThe Hacker News7 days ago

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits acco…

NEWShighThe Register7 days ago

Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

Researchers follow in Nightmare Eclipse’s footsteps, flipping off Redmond in favor of insta-leaks

NEWShighInfosecurity Magazine8 days ago

Infosecurity Europe: Vulnerability Management Innovator Konvu Wins Cyber Startup Award

Inaugural Infosecurity Europe Cyber Startup Award Winner Impresses Panel with Ability Help Prioritize Vulnerabilities in AI era

NEWSThe Hacker News8 days ago

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identi…

NEWSThe Register8 days ago

UK banks offered access to OpenAI’s GPT-5.5 amid exclusion from Anthropic’s Glasswing expansion

150 new organizations inducted to cyber’s Soho House, including the first outside the US

NEWSInfosecurity Magazine8 days ago

Trump Signs Order Inviting Voluntary Review of Frontier AI Models

Trump's executive order invites voluntary pre-release review of frontier AI models

NEWShighThe Hacker News8 days ago

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to…

NEWSInfosecurity Magazine8 days ago

Infosecurity Europe: How to Get Boards to Prioritize Cyber Risk Quantification

Cybersecurity leaders major companies discuss how they got support from the board on cyber risk

NEWSInfosecurity Magazine8 days ago

Anthropic Expands Mythos Access to 150 More Organizations

Anthropic widens Project Glasswing access to 150 more firms as patching becomes the bottleneck

NEWSInfosecurity Magazine8 days ago

Infosecurity Europe: Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patchin…

NEWSInfosecurity Magazine8 days ago

Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Say

Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar

NEWSInfosecurity Magazine8 days ago

Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web

Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools

NEWSThe Register8 days ago

'Dumbass' criminal breaks the 'first rule of ransomware club'

You don't infect anyone in Russia or other CIS countries

NEWSThe Register8 days ago

Cisco sings Mythos' praises - but doesn't say how many bugs the model uncovered

Meanwhile, Anthropic adds 150 partners to Project Glasswing

NEWSWired Security8 days ago

Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling

Available for Android 12 and later, the anti-scam feature is baked into Google Dialer, which sends a silent “confirmation signal”…

NEWSSecurity Magazine8 days ago

Trump Signs Executive Order for Oversight of AI Models, Security Experts Discuss

President Trump has signed an executive order requesting AI companies to show models to the federal government. Security experts d…

NEWShighSecurity Magazine8 days ago

Hackers Tricked Instagram’s AI Chatbot to Hijack Accounts

Hackers deceived Instagram’s AI chatbot, prompting it to provide access to user accounts.

NEWSInfosecurity Magazine8 days ago

Infosecurity Europe: NCSC Urges Immediate Action to Boost Resilience as Uncertainty Persists

NCSC director of operations, Paul Chichester, says it’s time to future-proof cybersecurity today