Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA
A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites.
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
As scaled-down circuits with limited functions redefine computing for AI systems and autonomous vehicles, their flexibility demands new approaches to safeguard critical infrastructure.
Latin America's Cyber Maturity Lags Threat Landscape
The slower pace of upgrades has the unintended impact of creating a haven for attackers, especially for initial access brokers and ransomware gangs.
Lessons From AI Hacking: Every Model, Every Layer Is Risky
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
'God-Like' Attack Machines: AI Agents Ignore Security Policies
Microsoft Copilot recently summarized and leaked user emails; but any AI agent will go above and beyond to complete assigned tasks, even breaking through their carefully designed guardrails.
Attackers Use New Tool to Scan for React2Shell Exposure
Researchers say threat actors wielded the sophisticated — and unfortunately named — toolkit to target high-value networks for React2Shell exploitation.
600+ FortiGate Devices Hacked by AI-Armed Amateur
A Russian-speaking hacker used generative AI to compromise the FortiGate firewalls, targeting credentials and backups for possible follow-on ransomware attacks.
Enigma Cipher Device Still Holds Secrets for Cyber Pros
The Nazi relic's history is riddled with resilience errors, and those lessons still apply to defending against modern cyber threats.
_roibu_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
The long-active Iranian threat group debuted various attack strains and payloads in attacks against organizations in the Middle East and Africa.
More Than Dashboards: AI Decisions Must Be Provable
AI systems have to be able to show a record of what happened and how.
Spitting Cash: ATM Jackpotting Attacks Surged in 2025
The attacks cost banks more than $20 million in losses last year, as criminals used many of the same tools and tactics they have wielded for more than a decade.