Microsoft flags China-based hackers using vicious new ‘rapid attack’ zero-days to launch ransomware at targets across the world

Microsoft warns the window to patch known flaws is shrinking, while the window to abuse zero-days grows.

‘Stolen session cookies render MFA irrelevant’: How $900-per-month turnkey malware is putting enterprise-grade account hijacking in the hands of rookie hackers

Storm infostealer hijacks session cookies, bypassing multi-factor authentication, harvesting credentials, and enabling persistent account access across enterprise and cryptocurrency systems globally.

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

As Trump threatens Iranian infrastructure, the US government warns that Iran has carried out its own digital attacks against US critical infrastructure.

Iranian hackers are targeting American critical infrastructure, US agencies warn

A joint FBI, NSA, and CISA advisory warns that Iranian hackers have ‘escalated’ their tactics in response to the ongoing U.S.-Israel war with Iran.

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

The AI lab’s Project Glasswing will bring together Apple, Google, and more than 45 other organizations. They’ll use the new Claude Mythos Preview model to test advancing AI cybersecurity capabilities.

Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative

The new model will be used by a small number of high-profile companies to engage in defensive cybersecurity work.

Russian government hackers broke into thousands of home routers to steal passwords

Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication tokens in a wide-ranging espionage operation.

‘Verify before you act’: security expert reveals the simple steps you can take to stay safe from deepfakes

There are simple steps everyone can take to identify a fake video – and most include pixel hunting.

I can’t think of anything that’s off limits to them’: FBI slams cybercriminals for attacking schools, hospitals, as crypto fraud soars

The FBI’s new IC3 report dissects the state of ransomware, and discusses attacks on hospitals and critical infrastructure firms.