White House charts new course for federal agencies and cybersecurity logging
The White House has updated rules for federal agencies to keep logs of significant cyber activities in their networks, touting it as a measure to…
Category: Cyberscoop
Apple open-sources quantum-resistant encryption code
Apple has released quantum-resistant cryptographic code and the mathematical verification tools it developed to prove the code’s correctness, making them publicly available for independent review…
Anthropic: Mythos finds more than 10,000 software flaws in first month
Anthropic said its month-old Project Glasswing initiative has uncovered more than 10,000 high- or critical-severity software vulnerabilities across systemically important code, a finding the company…
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
The FBI is warning organizations and defenders about Kali365, a growing phishing-as-a-service platform that retrieves Microsoft 365 access tokens, issuing a public service announcement Thursday. …
European authorities take down prolific cybercrime VPN service
European authorities took down a prominent virtual private network service and arrested the alleged administrator behind an operation that cybercriminals used to steal data, commit…
CISA chief frets about open-source vulnerabilities, delayed security improvements
Securing some of the open-source technology that serves as the backbone for all modern digital infrastructure is going to require some “hard decisions” amid a…
Lawmakers from both parties say CISA cuts have gone too far
Two cybersecurity-focused members of Congress agreed Thursday that reductions to the Cybersecurity and Infrastructure Security Agency have done too much damage to an agency essential…
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
Authorities arrested and unsealed charges against a Canadian man accused of running Kimwolf, one of the most far-reaching DDoS botnets on record, the Justice Department…
Trump postpones executive order focused on AI security
President Donald Trump said he would postpone the release of an executive order that would set up a 90-day testing and vetting regime for frontier…
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
There’s this old proverb that’s stuck with me over the years: “Dig the well before you are thirsty.” It really means you should prepare for…
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
On Wednesday, Microsoft released two new red teaming tools—Rampart and Clarity—,meant to help developers design more secure agentic software and assist incident responders in the…
GitHub says internal repositories were taken in poisoned VS Code extension attack
GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that…