Microsoft warns the window to patch known flaws is shrinking, while the window to abuse zero-days grows.
Microsoft warns WhatsApp users that VBS malware uses cloud services and renamed tools to gain persistent, hidden control over systems.
…
Storm infostealer hijacks session cookies, bypassing multi-factor authentication, harvesting credentials, and enabling persistent account access across enterprise and cryptocurrency systems globally.
…
As Trump threatens Iranian infrastructure, the US government warns that Iran has carried out its own digital attacks against US critical infrastructure.
A joint FBI, NSA, and CISA advisory warns that Iranian hackers have ‘escalated’ their tactics in response to the ongoing U.S.-Israel war with Iran.
The AI lab’s Project Glasswing will bring together Apple, Google, and more than 45 other organizations. They’ll use the new Claude Mythos Preview model to test advancing AI cybersecurity capabilities.
The new model will be used by a small number of high-profile companies to engage in defensive cybersecurity work.
Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication tokens in a wide-ranging espionage operation.
There are simple steps everyone can take to identify a fake video – and most include pixel hunting.
The FBI’s new IC3 report dissects the state of ransomware, and discusses attacks on hospitals and critical infrastructure firms.
…