Companies aren’t prepared for how AI is accelerating impersonation attacks
Businesses generally aren’t taking a proactive enough approach to blocking schemes that spoof their leaders’ identities, according to a new report. Source link
Author: Cybernoz
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
Meta said Monday that it caught a spearphishing campaign linked to spyware maker NSO Group despite a court injunction, prompting the tech giant to file…
Why most enterprise security teams would fail a military readiness test
More recently, researchers at Cisco revealed that frontier models from OpenAI, Anthropic, Google, xAI, and Amazon have significantly worse risk profiles when pressured in multi-turn…
For the 2nd time in weeks, Microsoft packages laced with credential stealer
Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened…
GDIT expands Splunk partnership to deliver AI-driven cybersecurity capabilities for federal agencies
General Dynamics Information Technology (GDIT), a business unit of General Dynamics, announced on Monday that it has expanded its technology partnership with Splunk, a Cisco…
Frontier AI, cyber defense, and critical infrastructure resilience take center stage in House hearing
The U.S. House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection held a hearing examining how frontier AI models, agentic AI systems, and AI-powered coding…
CrowdStrike and Zscaler Bring Continuous Identity Security to Zero Trust Access
Modern adversaries are accelerating attacks across identities, endpoints, cloud environments, and SaaS applications, often moving faster than security teams can respond. Identity has become a…
Huntress Service: Ransomware Canaries | Huntress
From CryptoLocker to Locky to Sodinokibi to Maze, ransomware has been a staple in the hacker-verse for a long time. For defenders, the solution to…
Gogs patches critical zero-day enabling remote code execution
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). This argument injection…
Check Point VPN 0-day Vulnerability Exploited in the Wild to Deploy Ransomware
Check Point Research has uncovered active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability (CVSS 9.3) in Check Point Remote Access VPN and Mobile Access…
Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report
One day after WIRED revealed that Meta had quietly embedded an unreleased face-recognition system into an app installed on more than 50 million phones, the…
Pink Hacking Group Targets Enterprises to Steal Cloud Passwords
A newly observed extortion brand called Pink (CL-CRI-1147) that is actively targeting enterprise users to harvest cloud storage credentials and bypass multi-factor authentication. The group’s…