BleepingComputer
The Hacker News
- SonicWall firewall devices hit in surge of Akira ransomware attacks
- Pi-hole discloses data breach triggered by WordPress plugin flaw
- AI-powered Cursor IDE vulnerable to prompt-injection attacks
- Pwn2Own hacking contest pays $1 million for WhatsApp exploit
- Kali Linux can now run in Apple containers on macOS systems
- Microsoft to disable Excel workbook links to blocked file types
- Microsoft now pays up to $40,000 for some .NET vulnerabilities
- CISA open-sources Thorium platform for malware, forensic analysis
- Microsoft: Russian hackers use ISP access to hack embassies in AiTM attacks
- Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds
- Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
- Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
- AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
- You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
- Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
- Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
- Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
- N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
- AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
- UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud
GovInfoSecurity
Infosecurity Magazine
- View to a Patch: Google Tweaks Its Vulnerability Disclosure
- AI Agents Can Hack Smart Contracts on Autopilot
- What Makes an AI Startup Fundable - From a VC Who Knows
- Overcoming the Limitations of Using AI Security in Telecom
- HHS Data Plan Aims to 'Make Health Technology Great Again'
- Wallarm Secures $55M to Safeguard API-Driven Business Logic
- Cryptohack Roundup: WOO X Probes $14M Breach
- How the CyberArk Deal Is Different From Past Palo Alto M&A
- Breach Roundup: Did China Have a Sneak Peek Into ToolShell?
- OnDemand | Practical Playbook for OT: 3 CISO Techniques for AI, Compliance and Controls
- Secret Blizzard Targets Moscow-Based Embassies in New Espionage Campaign
- Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds
- Staggering 800% Rise in Infostealer Credential Theft
- UK Leads the Way with £15m AI Alignment Project
- Android Malware Targets Banking Users Through Discord Channels
- CISA Unveils Eviction Strategies Tool to Aid Incident Response
- Ransomware Attacks Escalate to Physical Threats Against Executives
- Cybercriminals ‘Spooked’ After Scattered Spider Arrests
- FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor
- Passwordless Future Years Away Despite Microsoft Authenticator Move
CyberScoop
Krebs on Security
- Social engineering attacks surged this past year, Palo Alto Networks report finds
- China accuses US of exploiting Microsoft zero-day in cyberattack
- Feds still trying to crack Volt Typhoon hackers’ intentions, goals
- Russia-affiliated Secret Blizzard conducting ongoing espionage against embassies in Moscow
- Senate legislation would direct federal agencies to fortify against quantum computing cyber threats
- Project Zero disclosure policy change puts vendors on early notice
- Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement
- Army Secretary forces West Point to rescind appointment given to Easterly
- Palo Alto Networks to acquire CyberArk for $25 billion
- CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it
- Scammers Unleash Flood of Slick Online Gaming Sites
- Phishers Target Aviation Execs to Scam Customers
- Microsoft Fix Targets Attacks on SharePoint Zero-Day
- Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
- DOGE Denizen Marko Elez Leaked API Key for xAI
- UK Charges Four in ‘Scattered Spider’ Ransom Group
- Microsoft Patch Tuesday, July 2025 Edition
- Big Tech’s Mixed Response to U.S. Treasury Sanctions
- Senator Chides FBI for Weak Advice on Mobile Security
- Inside a Dark Adtech Empire Fed by Fake CAPTCHAs