Don’t believe everything you read—especially when it’s part of a marketing pitch designed to sell security services. The latest example of the runaway hype that can come from such pitches is research published today by SquareX, a startup selling services for securing browsers and other client-side …

US Senator Ron Wyden accused the federal judiciary of “negligence and incompetence” following a recent hack, reportedly by hackers with ties to the Russian government, that exposed confidential court documents. The breach of the judiciary’s electronic case filing system first came to light in a report by Politico …

A high-severity zero-day in the widely used WinRAR file compressor is under active exploitation by two Russian cybercrime groups. The attacks backdoor computers that open malicious archives attached to phishing messages, some of which are personalized. Security firm ESET said Monday that it first detected the attacks on July …

Dozens of porn sites are turning to a familiar source to generate likes on Facebook—malware that causes browsers to surreptitiously endorse the sites. This time, the sites are using a newer vehicle for sowing this malware—.svg image files. The Scalable Vector Graphics format is an open standard …

In June, Google said it unearthed a campaign that was mass-compromising accounts belonging to customers of Salesforce. The means: an attacker pretending to be someone in the customer's IT department feigning some sort of problem that required immediate access to the account. Two months later, Google has disclosed that …

By now, you’ve likely heard of fraudulent calls that use AI to clone the voices of people the call recipient knows. Often, the result is what sounds like a grandchild, CEO, or work colleague you’ve known for years reporting an urgent matter requiring immediate action, saying to …

Cisco said that one of its representatives fell victim to a voice phishing attack that allowed threat actors to download profile information belonging to users of a third-party customer relationship management system. “Our investigation has determined that the exported data primarily consisted of basic account profile information of individuals …

AI search engine Perplexity is using stealth bots and other tactics to evade websites’ no-crawl directives, an allegation that if true violates Internet norms that have been in place for more than three decades, network security and optimization service Cloudflare said Monday. In a blog post, Cloudflare researchers said …

Russian-state hackers are targeting foreign embassies in Moscow with custom malware that gets installed using adversary-in-the-middle attacks that operate at the ISP level, Microsoft warned Thursday. The campaign has been ongoing since last year. It leverages ISPs in that country, which are obligated to work on behalf of the …

Hackers planted a Raspberry Pi equipped with a 4G modem in the network of an unnamed bank in an attempt to siphon money out of the financial institution's ATM system, researchers reported Wednesday. The researchers with security firm Group-IB said the “unprecedented tactic allowed the attackers to bypass perimeter …

Researchers needed less than 48 hours with Google’s new Gemini CLI coding agent to devise an exploit that made a default configuration of the tool surreptitiously exfiltrate sensitive data to an attacker-controlled server. Gemini CLI is a free, open-source AI tool that works in the terminal environment to …

Russia’s biggest airline cancelled dozens of flights on Monday following a failure of the state-owned company’s IT systems and, according to a Russian lawmaker and pro-Ukrainian hackers, was the result of a cyberattack, it was widely reported. The airline, Aeroflot, said it cancelled about 40 flights following …

Hot on the heels of a major ransomware group being taken down through an international law enforcement operation comes a new development that highlights the whack-a-mole nature of such actions: A new group, likely comprised of some of the same members, has already taken its place. The new group …

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious packages being pushed to unsuspecting users. The latest target, according to security firm Socket, is JavaScript code available on repository npm …

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by Microsoft, is under mass exploitation. Since that revelation, the fallout and the ever-increasing scope of the attacks have been …

In May 2020, Sacramento, California, resident Alfonso Nguyen was alarmed to find two Sacramento County Sheriff’s deputies at his door, accusing him of illegally growing cannabis and demanding entry into his home. When Nguyen refused the search and denied the allegation, one deputy allegedly called him a liar …

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with sensitive company data, including authentication tokens used to access systems inside networks. Researchers said anyone running an on-premises instance of SharePoint …

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being adopted by thousands of sites and enterprises. If true, the attack, reported in a blog post Thursday by security firm Expel, would be …

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to targets. The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise networks …

Researchers from the Google Threat Intelligence Group said that hackers are compromising SonicWall Secure Mobile Access (SMA) appliances, which sit at the edge of enterprise networks and manage and secure access by mobile devices. The targeted devices are end of life, meaning they no longer receive regular updates for …

Hackers are stashing malware in a place that’s largely out of the reach of most defenses—inside domain name system (DNS) records that map domain names to their corresponding numerical IP addresses. The practice allows malicious scripts and early-stage malware to fetch binary files without having to download …

Nvidia is recommending a mitigation for customers of one of its GPU product lines that will degrade performance by up to 10 percent in a bid to protect users from exploits that could let hackers sabotage work projects and possibly cause other compromises. The move comes in response to …

Authorities in Europe have detained five people, including a former Russian professional basketball player, in connection with crime syndicates responsible for ransomware attacks. Until recently, one of the suspects, Daniil Kasatkin, played for MBA Moscow, a basketball team that’s part of the VTB United League, which includes teams …

Extensions installed on almost 1 million devices have been overriding key security protections to turn browsers into engines that scrape websites on behalf of a paid service, a researcher said. The 245 extensions, available for Chrome, Firefox, and Edge, have racked up nearly 909,000 downloads, John Tuckner of …

A critical vulnerability allowing hackers to bypass multifactor authentication in network management devices made by Citrix has been actively exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild exploitation. Tracked as CVE-2025-5777, the …