A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate.

The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.

The FTC is preparing to enforce key parts of a new law against sexual deepfakes and searching for ways to block AI-driven scamming using voice clones.

Google’s highest security setting for its agents runs command operations through a sandbox and throttles network access, but is still vulnerable to prompt injection.

State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday.

The ANTS data breach adds to a growing list of incidents affecting public sector systems in France.

Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption.

CISA updates KEV catalog with 8 actively exploited flaws, including Cisco Catalyst issues, CVE-2023-27351, and CVE-2024-27199 threats.

US CISA adds Cisco, Kentico Xperience, PaperCut NG/MF, Synacor, Quest, and TeamCity flaws to its Known Exploited Vulnerabilities catalog

Cisco Talos documents several macOS living-off-the-land (LOTL) techniques, demonstrating that native pathways for movement and execution remain accessible to those who understand the underlying architecture.

Axios reports the NSA uses Anthropic Claude Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines.

A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile payments processing tool.

Anthropic’s Mythos model marks a leap in AI-assisted vulnerability discovery, but is it a security game-changer? Andesite CTO Alex Thaman breaks down the real enterprise challenge: operationalizing defense.

41-year-old Angelo Martino, a former employee of cybersecurity incident response company DigitalMint, has pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability.

In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The trends focused entirely on trust, or the lack thereof…

In this episode of Talos Takes, Amy and Martin Lee unpack state-sponsored and phishing trends from the 2025 Talos Year in Review.

A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in…

The shift to remote and hybrid work since the pandemic expanded global hiring and accelerated digital onboarding, increasing reliance on online identity verification and remote access.