#cybersecurity-threats

[ follow ]
#malware-distribution #artificial-intelligence #iran-us-conflict #critical-infrastructure
Roam Research
fromSecurityWeek
4 hours ago

174 Vulnerabilities Targeted by RondoDox Botnet

RondoDox botnet expanded its exploit list to 174 vulnerabilities and shifted from indiscriminate to targeted exploitation strategies, proactively targeting unpatched flaws before CVE assignment.
Privacy professionals
fromComputerworld
4 days ago

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.
fromSecurityWeek
5 days ago

Apple Updates Legacy iOS Versions to Patch Coruna Exploits

This toolkit, which packs 23 individual exploits organized into five complete attack chains, has been quietly circulating in the cyber underground, enabling hackers to compromise iPhones running versions from iOS 13.0 (launched in September 2019) up to 17.2.1 (released in December 2023). The experts warned that its advanced techniques mark it as one of the most potent mobile threats observed in recent years.
Apple
Information security
fromTechRepublic
5 days ago

Patch Alert: Microsoft Fixes Nearly 80 Bugs, Including Critical Office Flaws

Microsoft's March Patch Tuesday addresses nearly 80 vulnerabilities, including critical Office flaws that enable code execution through document preview without requiring active zero-day exploits.
Artificial intelligence
fromwww.theguardian.com
1 week ago

Datacenters are becoming a target in warfare for the first time

Iran deliberately targeted commercial datacenters in the Persian Gulf, marking the first known instance of a country at war striking commercial datacenters, causing widespread service disruptions across the UAE and Bahrain.
Business intelligence
fromAxios
1 week ago

More CEOs envision hiring than firing due to AI, survey finds

While 55% of U.S. CEOs plan to increase hiring due to AI in 2026, only 9% will reduce workforce, yet most companies report not seeing ROI from current AI investments due to slow integration into existing systems.
#ransomware-attacks
Information security
fromTechzine Global
1 week ago

2025 was a new record year for ransomware

Ransomware attacks increased 50% to 7,900 incidents in 2025, with Qilin replacing LockBit as the leading group and industrial sector suffering the most damage.
Information security
fromTechzine Global
1 week ago

2025 was a new record year for ransomware

Ransomware attacks increased 50% to 7,900 incidents in 2025, with Qilin replacing LockBit as the leading group and industrial sector suffering the most damage.
more#ransomware-attacks
Privacy technologies
fromwww.theguardian.com
1 week ago

AI allows hackers to identify anonymous social media accounts, study finds

Large language models enable malicious actors to efficiently de-anonymize social media users by matching anonymous accounts to real identities using publicly available information.
Information security
fromSecurityWeek
1 week ago

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

Cisco Catalyst SD-WAN vulnerability CVE-2026-20127, initially exploited as a zero-day, now sees widespread internet-wide exploitation by multiple threat actors across global regions.
#malvertising
Marketing tech
fromComputerworld
1 week ago

Targeted advertising is also targeting malware

Malvertising has become the primary malware delivery vector globally, surpassing email and direct hacks, with AI enabling rapid distribution of adaptive malware across publishers.
fromMashable
2 weeks ago
Information security

Hackers use this tool to bypass fraud detection and weaponize Google ads

Marketing tech
fromComputerworld
1 week ago

Targeted advertising is also targeting malware

Malvertising has become the primary malware delivery vector globally, surpassing email and direct hacks, with AI enabling rapid distribution of adaptive malware across publishers.
fromMashable
2 weeks ago
Information security

Hackers use this tool to bypass fraud detection and weaponize Google ads

more#malvertising
fromTechCrunch
1 week ago

FYI: Impersonators are (still) targeting companies with fake TechCrunch outreach | TechCrunch

Impostors are impersonating our reporters to extract sensitive business information from unsuspecting targets. In several cases we know about, scammers have adopted the identity of actual staff members, crafting what looks like a standard media inquiry about a company's products and requesting an introductory call.
Information security
fromComputerWeekly.com
1 week ago

Spyware suppliers exploit more zero-days than nation states | Computer Weekly

Historically, traditional state-sponsored cyber espionage groups have been the most prolific attributed users of zero-day vulnerabilities. [But] over the last few years, the increase of zero-day exploitation attributed to CSVs and their customers has demonstrated the growing ability of these vendors to provide zero-day access to a wider range of threat actors than ever before.
Information security
Information security
fromThe Hacker News
1 week ago

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

AuraStealer malware infrastructure revealed with 48 C2 domains using .shop and .cfd extensions, routed through Cloudflare, distributed via ClickFix with subscription pricing of $295-$585 monthly.
Information security
fromNextgov.com
1 week ago

Iran-linked hacktivists could target governments, experts warn

Iranian regime-aligned hacktivists may escalate cyberattacks against U.S. state and local government targets, financial services, and energy sectors in retaliation for military operations.
Online marketing
fromAxios
1 week ago

Inside a network of more than 200 AI slop websites gaming advertisers

Fraudsters use large language models to generate over 200 fake advertising websites designed to deceive advertisers and capture ad revenue through sensationalized, AI-generated content.
Information security
fromBusiness Insider
1 week ago

Online ads just became the internet's biggest malware machine, report says

Malicious ads surpassed email as the primary malware delivery channel in 2025, accounting for over 60% of campaigns, with programmatic advertising instances growing 45% year-over-year.
Privacy technologies
fromArs Technica
2 weeks ago

LLMs can unmask pseudonymous users at scale with surprising accuracy

LLM-based deanonymization attacks significantly outperform classical methods, maintaining precision while achieving higher recall rates across multiple guesses.
fromZDNET
2 weeks ago

Why encrypted backups may fail in an AI-driven ransomware era

What if I told you that everything you know and everything you do to ensure quality backups is no longer viable? In fact, what if I told you that in an era of generative AI, when it comes to backups, we're all pretty much screwed?
Miscellaneous
Information security
fromTechRepublic
2 weeks ago

ChatGPT Criminals: AI Scams Target Dating and Legal Impersonators - TechRepublic

Generative AI enhances traditional scams by improving message quality, consistency, and scale, making romance fraud and professional impersonation harder to detect and easier to execute at volume.
World news
fromFortune
2 weeks ago

U.S. war with Iran forces CEOs to prepare for the worst-from rising energy prices to cyber attacks | Fortune

U.S. firms face significant operational risks from U.S.-Israeli attacks on Iran, including energy price spikes, cyberattacks, physical security threats, and reduced tourism and investment.
#cybercrime
Privacy professionals
fromFast Company
2 weeks ago

Teenage hackers are on the rise, and they're more dangerous than you think

Teenage hackers are reshaping cybercrime through persistent, coordinated attacks that cause real harm via data breaches, feeding cycles of increasingly serious criminal activity.
more#cybercrime
fromwww.theguardian.com
2 weeks ago

Russia may interfere in Danish election, exploiting chaos sewn by US, spies warn

The election campaign could be marked by disinformation and cyberattacks to sow division, influence the public debate or to target candidates, parties or specific political programmes. The threat of interference targeting Denmark comes mainly from Russia but could also emanate from other state actors.
Miscellaneous
Information security
fromThe Hacker News
2 weeks ago

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Threat actors distribute trojanized gaming utilities via browsers and chat platforms to deploy a multi-purpose RAT that establishes persistence through scheduled tasks and evades detection via Microsoft Defender exclusions.
fromSecurityWeek
2 weeks ago

Four Risks Boards Cannot Treat as Background Noise

Rather than stolen data making headlines, it was business stoppage that triggered attention. Moving into 2026, the board's focus should be on ensuring business continuity and building resilience in the face of emerging risks generated by AI usage and attack vectors, quantum computing and geopolitics.
Information security
Artificial intelligence
fromIntelligencer
2 weeks ago

Why AI Companies Are Suddenly Worried About Theft

Chinese AI firms conducted industrial-scale distillation attacks on Anthropic's Claude model using fraudulent accounts to extract proprietary capabilities at reduced development cost and time.
Artificial intelligence
fromBusiness Insider
2 months ago

10 executives shared their 2026 AI predictions with us

AI adoption will accelerate transformative change into 2026, including financial-alerting foundational models and heightened cybersecurity threats as ecosystems expand.
Artificial intelligence
fromSecuritymagazine
2 months ago

Sizing Up Top Tech Trends and Priorities for 2026

AI-driven innovation in 2026 will accelerate transformation while intensifying sophisticated cyber threats, requiring stronger governance, resources, and skilled cybersecurity professionals.
Privacy technologies
fromZDNET
7 months ago

Researchers used Gemini to break into Google Home - here's how

Researchers demonstrated a hack of Google Home devices via the Gemini AI model, utilizing a prompt injection attack via Google Calendar invites.
fromThe Hacker News
7 months ago

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

In today's cloud-native world, real-time, context-aware defense is a baseline expectation, not a competitive edge.
Artificial intelligence
Growth hacking
fromThe Hacker News
9 months ago

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

Malicious packages in multiple repositories have been discovered, posing significant security threats in open-source ecosystems.
Privacy professionals
fromNextgov.com
11 months ago

User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says

A Russian IP attempted to access NLRB systems right after DOGE's alleged data extraction, raising security concerns.
[ Load more ]