HP’s latest threat report reveals hackers are abusing legitimate remote access tools and fake downloads to silently compromise corporate devices.
…
Someone has been posting fake data breach notifications, forcing the Maine Attorney General’s Office to act.
A security researcher said a flaw in FIFA’s online platforms allowed her to access several internal systems, including one that could have allowed her to take control of the TV stream of every World Cup match.
The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm.
Three popular plugins served malicious JavaScript through a compromised CDN.
Varonis found a way to chain three bugs into one exploit that can lead to data exfiltration.

The cybersecurity industry is confronting a new reality: traditional vulnerability management is no longer enough. As enterprises rapidly deploy AI-powered applications, autonomous agents, and large language model (LLM) infrastructure, security teams a…
Google warns of ongoing data theft campaign attributed to Chinese nation-state attacker.

One of the largest open-source package repositories just spent a weekend cleaning up after a malware campaign that did not break into anything. It did not need to. Attackers seized control of more than 1,500 packages in the Arch User Repository, or AUR…

For most of the past decade, the security industry quietly gave up on prevention. Breaches were treated as inevitable, and the money went into detecting and cleaning up the mess afterwards. A new startup from two veterans of that industry says AI has m…