Researchers have uncovered DarkSpectre, a well-funded Chinese threat actor responsible for infecting over 8.8 million users across Chrome, Edge, and Firefox browsers through a series…
Dec 31, 2026Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm…
A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during…
Dec 31, 2026Ravie LakshmananAPI Security / Vulnerability IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain…
Large Language Models (LLMs) have revolutionized software development, democratizing coding capabilities for non-programmers. However, this accessibility has introduced a severe security crisis. Advanced AI tools,…
Two Americans who built their careers protecting companies from online threats have admitted to doing the exact opposite. Ryan Goldberg, 40, of Georgia, and Kevin…
APT36, also known as Transparent Tribe, has launched a new malware campaign that targets Indian government and strategic entities by abusing Windows LNK shortcut files.…
In a worrying turn of events for the aviation industry, Korean Air has confirmed that the personal details of roughly 30,000 current and former employees…
NeuroSploitv2 is an AI-powered penetration testing framework that automates critical aspects of offensive security operations through advanced language models. The framework, available on GitHub, integrates…
This fall’s weekslong government shutdown only added to concerns about the state of federal cybersecurity—creating the possibility of blind spots or gaps in monitoring while…
If 2024 was the year lawmakers talked about online age verification, 2025 was the year they actually flipped the switch. In 2025, across parts of…
IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API…
