Amazon Web Services (AWS) recently released a new whitepaper, Overview of the AWS European Sovereign Cloud, available in English, German, and French, detailing the planned design and goals of this new infrastructure. The AWS European Sovereign Cloud is a new, independent cloud for Europe, designed to help public sector …
Google on Wednesday revealed five recent malware samples that were built using generative AI. The end results of each one were far below par with professional malware development, a finding that shows that vibe coding of malicious wares lags behind more traditional forms of development, which means it still …
The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware. [...]
Hyundai AutoEver America is notifying individuals that hackers breached the company's IT environment and gained access to personal information. [...]
Application authorization is a critical component of modern software systems, determining what actions users can perform on specific resources. Many organizations have adopted Open Policy Agent (OPA) with its Rego policy language to implement fine-grained authorization controls across their applications and infrastructure. While OPA has proven effective for policy-as-code …
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP). [...]
Second time's the charm for after Wiz rejected Google's $23B offer last year Google's second attempt to acquire cloud security firm Wiz is going a lot better than the first, with the Department of Justice clearing the $32 billion deal, which ranks as Google's largest-ever acquisition.... [...]
SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files concludes that state-sponsored hackers were behind the attack. [...]
Under a new partnership with the government aimed at combating fraud, Britain's largest mobile carriers have committed to upgrading their networks to eliminate scammers' ability to spoof phone numbers within a year. [...]
The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university's development and alumni activities and stole data in a cyberattack. [...]
Local privileges required to exploit flaw in Ryzen and Epyc CPUs. Some patches available, more on the way AMD will issue a microcode patch for a high-severity vulnerability that could weaken cryptographic keys across Epyc and Ryzen CPUs.... [...]
Security teams rely on dashboards and data feeds, but outdated or fragmented tools leave dangerous blind spots across assets, vulnerabilities, and credentials. Learn how Outpost24's CompassDRP unifies EASM and DRP to reveal what attackers see and what's already exposed. [...]
Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial intelligence to deploy new malware families that integrate large language models (LLMs) during execution. [...]
Meanwhile, others tried to social-engineer the chatbot itself Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google Threat Intelligence Group.... [...]
Welcome to the first Cloud CISO Perspectives for November 2025. Today, Sandra Joyce, vice-president, Google Threat Intelligence, updates us on the state of the adversarial misuse of AI. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re …
International authorities have dismantled three massive credit card fraud and money laundering networks, linked to losses exceeding €300 million ($344 million) and affecting over 4.3 million cardholders across 193 countries. [...]
For many in the research community, it’s gotten harder to be optimistic about the impacts of artificial intelligence. As authoritarianism is rising around the world, AI-generated “slop” is overwhelming legitimate media, while AI-generated deepfakes are spreading misinformation and parroting extremist messages. AI is making warfare more precise and …
Retailer's tech systems aren’t down anymore, but the same can’t be said for its rocky financials Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total.... [...]
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker schemes. [...]
A ‘three-letter person’ experiments with the new type-safe C, and is impressed Famed mathematician, cryptographer and coder Daniel J. Bernstein has tried out the new type-safe C/C++ compiler, and he's given it a favorable report.... [...]
After a £312M upgrade to the retiring OS, Defra still has 24,000 devices to replace The UK's Department for Environment, Food & Rural Affairs (Defra) has spent £312 million (c $407 million) modernizing its IT estate, including replacing tens of thousands of Windows 7 laptops with Windows 10 – which …
DHS rule would expand biometric collection to immigrants and some citizens linked to them If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your eyes, swab your cheek, and scan your face. The US Department of Homeland Security wants …
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. [...]
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. [...]
Microsoft plans to remove Defender Application Guard from Office by December 2027, starting with the February 2026 release of Office version 2602. [...]
Curly COMrades strike again Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.... [...]
Security program fails to meet federal standards as government cuts drain resources The infosec program run by the US' Consumer Financial Protection Bureau (CFPB) "is not effective," according to a fresh audit published by the Office of the Inspector General (OIG).... [...]
The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier Miljödata that exposed data belonging to 1.5 million people. [...]
Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees and business partners. [...]
European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over €600 million ($689 million) from victims across multiple countries. [...]
Attackers exploit web browsers' built-in behaviors to steal credentials, abuse extensions, and move laterall, slipping past traditional defenses. Learn from Keep Aware how browser-layer visibility and policy enforcement stop these hidden threats in real time. [...]
Check Point lifts lid on a quartet of Teams vulns that made it possible to fake the boss, forge messages, and quietly rewrite history Microsoft Teams, one of the world's most widely used collaboration tools, contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history …
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware. [...]
France-based victims hit especially hard, while UK named most-targeted country generally Researchers are seeing a "dramatic" increase in cybercrime involving physical violence across Europe, with at least 18 cases reported since the start of the year.... [...]
Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel Hackers have found a new use for OpenAI's Assistants API – not to write poems or code, but to secretly control malware.... [...]
Microsoft is warning of a scam involving online payroll systems. Criminals use social engineering to steal people’s credentials, and then divert direct deposits into accounts that they control. Sometimes they do other things to make it harder for the victim to realize what is happening. I feel like …
Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator accounts under certain conditions. [...]
South Korea's president laughed, so perhaps it was funny? Unlike China's censorship and snooping Chinese president Xi Jinping has joked that smartphones from Xiaomi might include backdoors.... [...]
55 cuffed last week after court ruled sting operation was legal Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in the criminal community.... [...]
The emergence of AI as a transformative force is changing the way organizations approach security. While AI technologies can augment human expertise and increase the efficiency of security operations, they also introduce risks ranging from lower technical barriers for threat actors to inaccurate outputs. As AI adoption accelerates alongside …
Even AI has doubts about the claim that '80% of ransomware attacks are AI-driven' Do 80 percent of ransomware attacks really come from AI? MIT Sloan has now withdrawn a working paper that made that eyebrow-raising claim after criticism from security researcher Kevin Beaumont.... [...]
Rogues committed extortion while working for infosec firms A ransomware negotiator and an incident response manager at two separate cybersecurity firms have been indicted for allegedly carrying out ransomware attacks of their own against multiple US companies.... [...]
A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel with the attacker. [...]
Last year's winner scored a $65M funding round on a $300M valuation Cloud and AI security startups have two weeks to apply for a program that fast-tracks access to investors and mentors from Amazon Web Services, CrowdStrike, and Nvidia.... [...]
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. [...]
Posted by Seth Jenkins, Project Zero Introduction I've recently been researching Pixel kernel exploitation and as part of this research I found myself with an excellent arbitrary write primitive...but without a KASLR leak. As necessity is the mother of all invention, on a hunch, I started researching the …
Old-school cargo heists reborn in the cyber age Cybercriminals are increasingly orchestrating lucrative cargo thefts alongside organized crime groups (OCGs) in a modern-day resurgence of attacks on freight companies.... [...]
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023. [...]
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monitoring and management tools (RMMs) that enable them to hijack cargo and steal physical goods. [...]