AI-assisted fraud makes big debut in FBI’s cybercrime stats
The United States Federal Bureau of Investigation (FBI) has included artificial intelligence (AI) assisted offending for the first time in its annual report on online…
Month: April 2026
Severe StrongBox Vulnerability Patched in Android
The latest Android security updates address only two vulnerabilities: a critical denial-of-service (DoS) issue, and a StrongBox flaw whose impact does not appear to have…
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa Pierluigi Paganini April 07, 2026 China-based actor Storm-1175 runs fast ransomware attacks, exploiting new…
Five takeaways from the UK’s Cyber Security & Resilience Bill
The content of the Cyber Security & Resilience Bill (CSRB) recently introduced to Parliament contained few surprises. Having spent a significant amount of time working…
PortSwigger partners with Meta Bug Bounty to empower bug hunters with training and Pro licenses
Fran Hutchings | Tuesday, 7 April 2026 at 12:12 UTC We’re excited to announce a new partnership with Meta Bug Bounty, bringing together two organizations…
‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace
Security researchers at Noma Security have disclosed a new vulnerability they are calling GrafanaGhost, an exploit capable of silently stealing sensitive data from Grafana environments…
Zero‑click Grafana AI attack can enable enterprise data exfiltration
From there, attackers use indirect prompt injection techniques to manipulate the AI into executing malicious instructions. The model is tricked into generating requests that include…
Microchip secures IEC 62443-4-1 ML2 certification as regulatory pressure mounts on device security
As connected systems spread across residential, industrial and commercial environments, the need for independently verified cybersecurity assurance is becoming a core requirement. To help address…
CSIS flags Iran’s shift from episodic cyberattacks to sustained campaign against critical infrastructure
New analysis from the Center for Strategic and International Studies (CSIS) identified that Iran’s approach to cyber conflict is no longer episodic or symbolic, reflecting…
The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines
By Diana Brown Cisco Talos has recently observed an increase in activity that is leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. These emails…
Protecting Against Session Hijacking & Credential Theft
Cybercriminals are constantly refining their tactics and attack methodologies. With growing threats like session hijacking and credential theft, these aren’t just buzzwords—they’re real threats that…
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. As the company explained when it acknowledged…