Security Bulletin

An impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the increased sophistication of and national security threat posed by the AI technology.

To help counter crime, today's organizations require a cyber-defense strategy that incorporates the mindset of the cybercriminal.

Though the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.

From data fog to threat clarity: Automating security analytics helps security teams stop fighting phantoms and respond to what matters.

Following a breach at the country's top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements.

Startup Tumeryk's State of AI Trust finds Google Gemini Pro 2.5 as the most trustworthy, with OpenAI's GPT-4o mini a close second and DeepSeek and Alibaba Qwen scoring lowest.

Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.

Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens.

The alleged Chinese state-sponsored hacker faces multiple charges, including wire fraud, aggravated identity theft, and unauthorized access to protected computers.

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework.

With certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions.

The threat actors trick victims into opening a malicious script, leading to the execution of the BroaderAspect .NET loader.