Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems.

India’s top intelligence agency arrested a suspected key conspirator accused of supplying fraudulently obtained SIM cards to cybercriminal networks, as part

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far.

The expansion of supply chain attacks has made dark web monitoring, exposed asset monitoring, and cyber signal intelligence essential for understanding risk across interconnected environments. This aligns directly with how platforms like Lunar approach security…

Microsoft is rolling out multiple File Explorer changes to Windows 11 users in the Insider program, including improvements to launch speed and performance.

The Axios library compromise reveals a stark reality: human-speed defense is no longer enough. Elastic’s Mike Nichols explains why the public sector must embrace an "agentic SOC" to counter AI-driven supply chain threats and nation-state adversaries.

A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft.

Backups protect data, but don't keep your business running during downtime. Datto shows why BCDR is essential to keep operations running during ransomware and outages.

Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks.

How Microsoft secures Dynamics 365 and Power Platform by removing credentials, reducing attack surfaces, and using platform engineering to block opportunistic threats.

The Italian Data Protection Authority fine cases reflect a clear message to financial institutions.

Bluesky cyberattack caused major DDoS outages disrupting feeds and search. Platform confirmed no data breach and restored stability quickly.

The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid.

A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate.

The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.

The FTC is preparing to enforce key parts of a new law against sexual deepfakes and searching for ways to block AI-driven scamming using voice clones.

Google’s highest security setting for its agents runs command operations through a sandbox and throttles network access, but is still vulnerable to prompt injection.

A set of 26 malicious apps on Apple App Store impersonate popular wallets, such as Metamask, Coinbase, Trust Wallet, and OneKey, to steal recovery or seed phrases and drain them of cryptocurrency assets.

State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday.