Security Bulletin

Attackers don't always need to resort to sophisticated gambits to break and enter; organizations often make it easy for them to walk right in.

New tool can test millions of stolen credentials with minimal effort to run account takeovers.

Here’s a 5-step checklist for developing an AI defense strategy.

Zscaler's 2025 AI Security Report found that enterprise use of artificial intelligence and machine learning has grown more than 30-fold over the past year, leading to increased cybersecurity risks, SiliconAngle reports.

Reuters reports that Europol has raised concerns about the increasing use of artificial intelligence in organized crime, warning that the technology is enabling criminals to scale operations globally, evade detection, and automate illicit activities.

A new report by the University of Torontos Citizen Lab has identified suspected government customers of Paragon Solutions spyware in six additional countries: Australia, Canada, Cyprus, Denmark, Israel, and Singapore, according toCyberScoop.

An analysis of over 200,000 leaked internal messages from the Black Basta ransomware group covering September 2023 to September 2024 has revealed potential links to Russian authorities and detailed insights into the groups cyber operations, The...

Cybersecurity firm ESET has uncovered a cyberespionage campaign, Operation FishMedley, which was conducted in 2022 by the operational arm of Chinese cybersecurity firm I-Soon and targeted seven organizations across Taiwan, Hungary, Turkey, Thailand...

ACROS Security has released unofficial patches for a novel Windows SCF File NTLM hash disclosure zero-day flaw.

State and local governments have been urged by the New America's Open Technology Institute to implement data encryption, hashing, de-identification, and other privacy enhancing technologies to avert potential breaches amid growing concerns regarding...

Major Australian trade tool retailer Sydney Tools had more than 34 million online order records and over 5,000 employees' records leaked by an unprotected ClickHouse database, according to Cybernews.