Iranian government, not hacktivist group, breached LA Metro system, security firm says
A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists. Source link
Author: Cybernoz
Anthropic: Mythos finds more than 10,000 software flaws in first month
Anthropic said its month-old Project Glasswing initiative has uncovered more than 10,000 high- or critical-severity software vulnerabilities across systemically important code, a finding the company…
Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet
On May 26, 2026, at 14:00 UTC, the CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting…
GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos
Unexpected workflow_dispatch runs in the Actions tab could be a warning sign, the researchers said in a blog post. “If you use OIDC federation for…
Ghost hackers: the cybersecurity mystery that nobody has solved
In the long history of hacking, there have been numerous data breaches that, years or even decades later, remain unsolved. Countless hackers and hacking groups behind them have never been unmasked. But…
MITRE moves Caldera cybersecurity platform to Apache Foundation for broader open-source collaboration
Building on nearly a decade of development, not-for-profit organization MITRE is contributing Caldera to the Apache Incubator as Apache Caldera (Incubating). Developed by MITRE with…
House Republicans scrutinize escalating ransomware, nation-state, AI-driven cyber threats targeting state and local governments
Republican lawmakers on the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection warned that state and local governments are facing a rapidly intensifying cyber…
EXPOSURE 2026 preps cybersecurity pros for AI
Cybersecurity leaders and practitioners brought their burning AI cybersecurity questions to EXPOSURE 2026. They left with clear answers and a blueprint for building an exposure…
How Varonis Atlas integrates Claude Compliance API for AI governance
Varonis announced an integration with the Claude Compliance API, bringing Claude Enterprise and Claude Platform activity into Varonis’ Atlas AI Security Platform. Organizations across industries rely on…
Quasar Linux RAT Targets Developers With Fileless Execution and eBPF Rootkit
A newly discovered Linux malware known as Quasar Linux, or QLNX, is actively targeting software developers and DevOps engineers with a level of sophistication rarely…
Q&A – Resilient You: The Cyber Agony Aunts Are Back!
The Cyber Agony Aunts – Rebecca Taylor, Threat Intelligence Knowledge Manager and Researcher at Sophos, and Amelia Hewitt, Founder of CybAid and Co-Founder and Director of Cyber…
CERT-In Mandates 12-Hour Patch Deadline for Internet-Facing Vulnerabilities
India’s national cyber security agency CERT-In has issued a new blueprint that tells organizations to fix critical vulnerabilities in internet‑facing and “crown‑jewel” systems within 12…