Jharkhand police have uncovered an interstate cyber fraud network and arrested four individuals involved in fraudulent transactions across 24 states. The investigation was initiated following inputs from the Union Home Ministry's 'Samanvaya portal', leading…

A Romanian national who led an online swatting ring that targeted more than 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison.

Assistant Director of the External Resources Department of the Ministry of Finance, Ranga Rajapaksa, who had been interdicted over the alleged USD 2

Industrialized cybercrime delivers attacks with greater scale, speed and success. Defenders must match this with use of AI and automation.

With Mythos signaling a new era of near-instant exploitation, Anthropic positions Claude Security to help defenders keep pace.

Linux flaw CVE‑2026‑31431, 'Copy Fail,' lets any local user write four bytes into page cache files, enabling easy escalation to root on major distros.

A new phishing kit named Bluekit offers more than 40 templates targeting popular services and includes basic AI features for generating campaign drafts.

In this week’s newsletter, Hazel uses International Superhero Day as a springboard to explore why empathy — rather than just technical prowess — is the most essential, underrated superpower for navigating the human side of cybersecurity.

We investigate how scammers are abusing PayPal’s systems to push victims into calling fake support numbers.

In this latest installment of the Reporters' Notebook video series, we discuss how the new AI model threatens to completely upend cybersecurity.

A severe cPanel authentication bypass (CVE-2026-41940) with a 9.8 CVSS score is being exploited in the wild. Over 1.5 million instances are potentially at risk; CISA has added the flaw to its KEV list. Patch immediately to prevent unauthorized server access.

The proof-of-concept exploit code runs only 10 lines long, but luckily, a patch is already available.

Congress averted a midnight expiration of Section 702 on Thursday, passing a 45-day extension of the controversial warrantless surveillance law. The short-term reprieve follows a deal to declassify a court ruling on "major compliance problems" as lawmakers…

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain attacks broaden.

The FCC unanimously approved strict new "Know Your Customer" rules to combat illegal robocalls, harden telecom networks against cyberattacks, and vet overseas equipment-testing labs.

Ryan Goldberg and Kevin Martin attacked five companies in 2023 and extorted nearly $1.3 million from one of their victims.

An OAuth supply chain compromise at Vercel exposed how trusted third party apps and platform environment variables can bypass traditional defenses and amplify blast radius. This article examines the attack chain, underlying design tradeoffs, and what it reveals…

As a SOC Analyst , I recently investigated a phishing case on the LetsDefend platform that turned out to be far more serious than a simple…