Why You Should Swap Passwords for Passphrases
Oct 22, 2025The Hacker NewsData Breach / Enterprise Security The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The…
Oct 22, 2025The Hacker NewsData Breach / Enterprise Security The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The…
A new form of attack is targeting browsers with built-in AI assistants. Researchers at Brave have found that seemingly harmless screenshots and web pages can…
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers,…
In a newly uncovered campaign, the threat group known as Bitter—also tracked as APT-Q-37—has leveraged both malicious Office macros and a previously undocumented WinRAR path…
Elastic released Agent Builder, a complete set of capabilities powered by Elasticsearch, that makes it easy for developers to build custom AI agents on company…
Monolock ransomware has surfaced in underground forums, with threat actors advertising version 1.0 for sale alongside stolen corporate credentials. First detected in late September, the…
Over the past week, cybersecurity professionals have been gripped by the emergence of GlassWorm, a highly sophisticated, self-propagating malware campaign targeting VS Code extensions on…
Oct 22, 2025Ravie LakshmananCyber Espionage / Network Security Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a…
Government departments in Sweden are considering deploying “open network” encrypted messaging services as an alternative to proprietary collaboration tools. Some 40 of Sweden’s government agencies…
A sneaky hacking campaign where attackers used publicly available ASP.NET machine keys to break into Windows IIS web servers. These keys, meant to protect web…
On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums, introducing a sophisticated information-stealing malware…
Keycard emerged from stealth with its identity and access platform for AI agents that integrates with organizations’ existing user identity solutions. Keycard’s platform identifies AI…