News

CyberScoop
cyberscoop.com > deepload-ai-malware-obfuscation-at-every-stage-reliaquest

Researchers say credential-stealing campaign used AI to build evasion ‘at every stage’

4+ day, 9+ hour ago  (428+ words) A new malware-based credential-stealing campaign, which researchers are calling "DeepLoad," has been infecting enterprise business IT environments over the past In a report released Monday, ReliaQuest AI researchers Thassanai McCabe and Andrew Currie say the most relevant feature of this…...

CyberScoop
cyberscoop.com > ai-cyberattacks-two-years-insane-vulnerabilities-kevin-mandia-alex-stamos-morgan-adamski-rsac-2026

Security leaders say the next two years are going to be 'insane'

1+ week, 9+ hour ago  (1341+ words) Mandia put the timeline more bluntly. "It's a perfect storm for offense over the next year or two," he said. The core problem, according to the executives, is speed. AI has made vulnerability discovery almost trivial, while remediation takes time…...

CyberScoop
cyberscoop.com > odni-tackles-ai-threat-hunting-app-cybersecurity-in-year-one-tech-review

ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review

1+ week, 1+ day ago  (385+ words) A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps that have undergone a cybersecurity review and more, the Office…...

CyberScoop
cyberscoop.com > radio > criminal-groups-and-opportunistic-attackers-will-operationalize-it-against-the-enormous-population-of-out-of-date-ios-devices

When iPhone exploits turn into commodities

1+ week, 1+ day ago  (84+ words) A sophisticated iPhone exploit kit known as DarkSword has escaped the world of targeted espionage and landed in public view, leaked on GitHub in a form that researchers say is trivial to repurpose and deploy....

CyberScoop
cyberscoop.com > google-moves-post-quantum-encryption-timeline-to-2029

Google moves post-quantum encryption timeline up to 2029

1+ week, 2+ day ago  (413+ words) Google is accelerating its timeline for migrating its products to quantum resistant encryption to 2029, the latest sign that tech leaders are worried that they haven't been aggressive enough in planning for a post-quantum future. In a blog posted Wednesday, vice…...

CyberScoop
cyberscoop.com > darksword-iphone-spyware-leak-ios-18-exploit-threat

DarkSword's GitHub leak threatens to turn elite iPhone hacking into a tool for the masses

1+ week, 3+ day ago  (709+ words) Leaked iOS spyware has some cybersecurity professionals raising urgent alarms about potential mass iPhone compromises, a development that pairs ominously with the recent discovery of two sophisticated iOS exploit kits. Allan Liska, field chief information security officer at Recorded Future,…...

CyberScoop
cyberscoop.com > huntress-railway-ai-phishing-campaign-compromised-hundreds-of-organizations

An AI-powered phishing campaign has compromised hundreds of organizations

1+ week, 4+ day ago  (583+ words) A phishing campaign tied to AI cloud-hosting service Railway has given hackers access to the Microsoft cloud accounts for hundreds of businesses, according to researchers at Huntress. Rich Mozeleski, product manager for Huntress' identity team, told CyberScoop the campaign is…...

CyberScoop
cyberscoop.com > social-engineering-surge-intrusion-vector-mandiant-m-trends

The phone call is the new phishing email

1+ week, 4+ day ago  (462+ words) Voice-based phishing, a form of social engineering where attackers call employees or IT help desks under false pretenses in an attempt to gain access to victim networks, surged in 2025, Mandiant said Monday in its annual M-Trends report. "These points of…...

CyberScoop
cyberscoop.com > ubiquiti-unifi-networking-application-vulnerability

Ubiquiti defect poses account takeover risk for UniFi Networking Application users

2+ week, 16+ hour ago  (307+ words) Researchers and threat hunters are scrambling to contain a maximum-severity defect in Ubiquiti's UniFi Network Application that attackers could exploit to take over user accounts by accessing and manipulating files. The path-traversal vulnerability, CVE-2026-22557, affects software used to manage UniFi…...

CyberScoop
cyberscoop.com > radio > behind-the-scenes-of-the-socksescort-takedown

Behind the scenes of the Socksescort takedown

2+ week, 1+ day ago  (133+ words) Chris Formosa breaks down the Socksescort disruption, a proxy botnet powered by AVRecon that compromised edge devices at scale. In this episode, we sit down with Chris Formosa to break down the Socksescort disruption, a proxy botnet powered by AVRecon that compromised…...