Attackers Now Need Just 29 Minutes to Own a Network
Credential misuse, AI tools, and security blind spots help attackers move through breached networks faster than ever, CrowdStrike finds.
Investments in cybersecurity startups took off in 2025, as venture capital firms focused not just on AI-native tech, but talent as well.
The North Korean threat group also leveraged the Comebacker backdoor, the Blindingcan RAT, and the info stealer Infohook in its recent attacks.
Cybersecurity researchers said they saw Medusa attacks launched by members of Lazarus — a well-known North Korean hacking operation housed within the country’s military — against a company in the Middle East and a healthcare organization in the U.S.
Scott Schelble, the deputy assistant director of the FBI’s International Operations Division, told reporters that he recently met with law enforcement officials in Thailand, Cambodia and Vietnam to discuss the region’s scam operations.
“Reddit was using children’s data unlawfully, potentially exposing them to inappropriate and harmful content,” British regulators said in announcing a fine against the platform.
The decentralized finance platform Step Finance said the theft of $40 million from its treasury in late January led the company to decide to wind down operations.
The country’s Cyber Security Council published a statement on Saturday that said they “successfully thwarted organized cyberattacks of a terrorist nature that targeted the country’s digital infrastructure and vital sectors in an attempt to destabilize the nation and disrupt essential services.”
Protecting Ukrainian national security will probably require restrictions on Telegram and other anonymous online platforms as Russia continues to use them to organize sabotage and terrorism, officials said.
The Treasury Department sanctioned a Russian national and his company for allegedly acquiring eight proprietary cyber tools that were stolen from the defense contractor L3 Harris and sold to "unauthorized" customers.
Over a five-month period, the group, dubbed Diesel Vortex, stole more than 1,600 login credentials from accounts at logistics platforms, which allowed thieves to intercept and divert freight shipments and commit check fraud.
Anthropic on Monday said it identified "industrial-scale campaigns" mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude's capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its terms
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and MarsSnake, according to a report published by Positive Technologies last week. "The group used several
Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, hygiene, business context, and intent. Any one of these can perhaps be
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom's threat intelligence division said it also identified the same threat actors mounting an unsuccessful attack against a healthcare
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure. "Attackers can craft hidden instructions inside a
A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities supporting the war-torn nation. The activity, which targeted an unnamed entity involved in regional