Cybersecurity

A suspected Iran-nexus threat actor, tracked as Dust Specter, impersonated Iraq’s Ministry of Foreign Affairs to target government officials with new malware.The campaign deployed...

Law enforcement dismantled Tycoon 2FA, a major Phishing-as-a-Service platform used in tens of thousands of credential theft attacks.The kit enabled threat actors to steal...

Security leaders have new budgets for AI security but often lack clear requirements for governance solutions.Many existing security tools fail to properly monitor AI...

The AI-powered attacks on Fortinet FortiGate appliances were executed using the open-source platform CyberStrikeAI.A Chinese developer with potential state ties, known as Ed1s0nZ, created...

A new phishing kit called Starkiller uses live proxying of legitimate login pages to bypass multi-factor authentication (MFA) effectively.Separate campaigns are evolving to target...

Google Chrome patched a critical privilege escalation flaw (CVE-2026-0628) in its browser in January 2026.The vulnerability allowed specially crafted malicious extensions to hijack the...

Google Cloud API keys embedded in public website code can be abused to authenticate to Gemini AI endpoints.Researchers found nearly 3,000 exposed keys and...

The U.S. Department of Defense has designated AI firm Anthropic as a national security supply chain risk.The conflict stems from Anthropic's refusal to allow...