Phishers Exploit Office 365 Users Who Let Their Guard Down

Microsoft said that Office 365 tenants with weak configurations and who don't have strict anti-spoofing protection enabled are especially vulnerable.

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

Hackers are attacking a critical zero-day flaw in unsupported D-Link DSL routers to run arbitrary commands.

Here's What Cloud Security's Future Holds for the Year Ahead

Here are the top cloud security trends I'm seeing in my crystal ball for the New Year — particularly arming us for AI adoption.

ChatGPT's Memory Feature Supercharges Prompt Injection

The "ZombieAgent" exploit makes use of ChatGPT's long-term memory and advanced capabilities.

Fake AI Chrome Extensions Steal 900K Users' Data

Threat actors ripped off a legitimate AI-powered Chrome extension in order to harvest ChatGPT and DeepSeek data before sending it to a C2 server.

Maximum Severity HPE OneView Flaw Exploited in the Wild

Exploitation of CVE-2025-37164 can enable remote code execution on HPE's IT infrastructure management platform, leading to devastating consequences.

CrowdStrike to Buy SGNL to Expand Identity Security Capabilities

The CrowdStrike-SGNL deal underscores how identity security has become a critical component of enterprise cybersecurity as companies add cloud services and deploy AI-driven tools.

Russia’s Fancy Bear APT Doubles Down on Global Secrets Theft

The notorious state-sponsored group relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations.

Illicit Crypto Economy Surges Amid Increased Nation-State Activity

Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump.

Deepfake Fraud Tools Are Lagging Behind Expectations

Deepfakes are becoming more realistic and more popular. Luckily, defenders are still ahead in the arms race.

2 Separate Campaigns Probe Corporate LLMs for Secrets

A total of 91,403 sessions targeted public LLM endpoints to find leaks in organizations' use of AI and map an expanding attack surface.

Hexnode Moves into Endpoint Security With Hexnode XDR