The New Rules of Engagement: Matching Agentic Attack Speed
The cybersecurity industry has been drowning in waves of speculation about the impact of AI-enabled attacks since ChatGPT was launched. Today, that speculation has come…
Category: SecurityWeek
Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
Anthropic may have just announced the future of AI – and it is both very exciting and very, very scary. Mythos is the Ancient Greek…
Severe StrongBox Vulnerability Patched in Android
The latest Android security updates address only two vulnerabilities: a critical denial-of-service (DoS) issue, and a StrongBox flaw whose impact does not appear to have…
German Police Unmask REvil Ransomware Leader
The German Federal Criminal Police (BKA) has named a Russian national as the mastermind behind the GandCrab and REvil ransomware operations. According to a law…
North Korean Hackers Target High-Profile Node.js Maintainers
The North Korean threat actor blamed for the Axios supply chain attack has been aiming its social engineering campaign at various Node.js maintainers, Socket reports.…
Google DeepMind Researchers Map Web Attacks Against AI Agents
Malicious web content can be used to manipulate, deceive, and exploit autonomous AI agents navigating the internet, Google DeepMind researchers show. The researchers have identified…
Guardarian Users Targeted With Malicious Strapi NPM Packages
A threat actor has targeted the Strapi ecosystem in a fresh supply chain attack involving 36 malicious NPM packages, according to supply chain security firm…
Fortinet Rushes Emergency Fixes for Exploited Zero-Day
Fortinet over the weekend rushed emergency fixes for a FortiClient Enterprise Management Server (EMS) vulnerability that has been exploited as a zero-day. Described as an…
North Korean Hackers Drain $285 Million From Drift in 10 Seconds
A North Korean threat actor is likely to be blamed for a $285 million heist from decentralized finance (DeFi) platform Drift, executed as part of…
T-Mobile Sets the Record Straight on Latest Data Breach Filing
T-Mobile USA has provided clarification on a recent data breach notification, stating that it was triggered by an insider incident with a very limited impact.…
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
A threat actor has been exploiting vulnerable Next.js applications to compromise systems and exfiltrate credentials at scale, Cisco’s Talos security researchers warn. Tracked as UAT-10608,…
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack
The European Commission (EC) has confirmed that hackers stole over 300GB of data from its AWS environment using an API key compromised in the Trivy…