#c2-takedown

[ follow ]
#cybersecurity #vulnerabilities #malware #ai #iran #critical-infrastructure #hacking #openai #security #vulnerability
#microsoft
Information security
fromSecurityWeek
7 hours ago

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.
Information security
fromSecurityWeek
7 hours ago

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.
Information security
fromComputerWeekly.com
6 hours ago

April Patch Tuesday brings zero-days in Defender, SharePoint Server | Computer Weekly

Microsoft's April Patch Tuesday update addresses over 160 issues, including two critical zero-day vulnerabilities, marking one of the largest updates in history.
more#microsoft
Social media marketing
fromAxios
7 hours ago

The first AI-era war is a "slopaganda" battle to control memes

AI-generated content is rapidly spreading propaganda, making it easier for influencers to adopt conspiracy theories.
#cybersecurity
Cryptocurrency
fromnews.bitcoin.com
5 days ago

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.
Higher education
fromNextgov.com
6 hours ago

CISA cancels CyberCorps summer internship hiring amid DHS shutdown

CISA reversed its decision to onboard summer interns due to a funding lapse in the Department of Homeland Security.
Silicon Valley
fromWIRED
1 day ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.
Privacy technologies
fromYahoo Tech
4 days ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.
Cryptocurrency
fromnews.bitcoin.com
5 days ago

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.
more#cybersecurity
fromThe Hacker News
13 hours ago

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real time, enhancing its operational value significantly.
Roam Research
SOMA, SF
fromKqed
9 hours ago

DOJ: Man Who Attacked Sam Altman's House Threatened to Kill Other Tech CEOs | KQED

A Texas man faces charges for attempted murder of OpenAI CEO Sam Altman after violent attacks at his home and company headquarters.
Business
from24/7 Wall St.
13 hours ago

From Growth Stock to Blue Chip: Is CrowdStrike Ready for the Dow?

CrowdStrike is being considered for inclusion in the Dow Jones Industrial Average due to its strong financial profile and lack of cybersecurity representation.
fromArs Technica
1 day ago

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.
Privacy professionals
DevOps
fromTechzine Global
1 day ago

Cloudflare introduces new features for building and deploying agents

Cloudflare is transforming AI development with Dynamic Workers, Sandboxes, and Artifacts for secure, scalable, and efficient code execution.
#data-breach
EU data protection
fromTNW | Data-Security
1 day ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.
Information security
fromTechCrunch
1 day ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
EU data protection
fromTNW | Data-Security
1 day ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.
Information security
fromTechCrunch
1 day ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
more#data-breach
Node JS
fromNist
2 days ago

NVD

Axios library versions prior to 1.15.0 are vulnerable to Prototype Pollution, leading to Remote Code Execution and Full Cloud Compromise.
US news
fromSecuritymagazine
5 days ago

Top Secret Clearance Holder Charged With Leaking Classified National Defense Information

Courtney Williams was arrested for allegedly sharing classified national defense information with unauthorized individuals, including a journalist, from 2022 to 2025.
#ai
Information security
fromSecurityWeek
12 hours ago

'Mythos-Ready' Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

Mythos from Anthropic poses a significant threat by accelerating the timeline between vulnerability detection and exploitation in cybersecurity.
fromFortune
1 day ago
Information security

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.
Information security
fromFortune
4 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.
Information security
fromTechzine Global
1 day ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
Information security
fromSecurityWeek
12 hours ago

'Mythos-Ready' Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

Mythos from Anthropic poses a significant threat by accelerating the timeline between vulnerability detection and exploitation in cybersecurity.
Information security
fromFortune
1 day ago

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.
Information security
fromFortune
4 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.
more#ai
Privacy professionals
fromSecurityWeek
5 days ago

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.
Information security
fromThe Hacker News
15 hours ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.
DevOps
fromTheregister
2 weeks ago

Documentation can contain malicious instructions for agents

Context Hub may enhance API usage but poses risks of software supply chain attacks through unverified documentation.
#cisa
Information security
fromSecurityWeek
16 hours ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.
Information security
fromSecurityWeek
2 weeks ago

CISA Flags Critical PTC Vulnerability That Had German Police Mobilized

CISA warns of a critical vulnerability in PTC's Windchill software, with potential for exploitation despite no current evidence of attacks.
Information security
fromSecurityWeek
16 hours ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.
Information security
fromSecurityWeek
2 weeks ago

CISA Flags Critical PTC Vulnerability That Had German Police Mobilized

CISA warns of a critical vulnerability in PTC's Windchill software, with potential for exploitation despite no current evidence of attacks.
more#cisa
Information security
fromInfoQ
1 day ago

New Rowhammer Attacks on NVIDIA GPUs Enable Full System Takeover

New Rowhammer attacks target NVIDIA GPUs, escalating from memory corruption to full system compromise, highlighting significant hardware security risks.
fromSecurityWeek
14 hours ago

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus has reinstated its global fraud engine, shifting its focus toward emerging markets while maintaining a persistent threat to Western enterprise assets.
Information security
Information security
fromArs Technica
6 hours ago

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.
#malware
more#malware
#kraken
Information security
fromFinbold
12 hours ago

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.
Information security
fromBitcoin Magazine
1 day ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.
Information security
fromFinbold
12 hours ago

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.
Information security
fromBitcoin Magazine
1 day ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.
more#kraken
#openai
Information security
fromAxios
5 hours ago

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.
Information security
fromWIRED
5 hours ago

In the Wake of Anthropic's Mythos, OpenAI Has a New Cybersecurity Model-and Strategy

OpenAI announced GPT-5.4-Cyber, emphasizing cybersecurity safeguards and the need for advanced protections in AI models.
Information security
fromThe Hacker News
1 day ago

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.
Information security
fromAxios
5 hours ago

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.
Information security
fromWIRED
5 hours ago

In the Wake of Anthropic's Mythos, OpenAI Has a New Cybersecurity Model-and Strategy

OpenAI announced GPT-5.4-Cyber, emphasizing cybersecurity safeguards and the need for advanced protections in AI models.
Information security
fromThe Hacker News
1 day ago

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.
more#openai
Information security
fromTechzine Global
15 hours ago

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.
#adobe
Information security
fromSecurityWeek
8 hours ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.
Information security
fromTechRepublic
7 hours ago

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.
Information security
fromSecurityWeek
8 hours ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.
Information security
fromTechRepublic
7 hours ago

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.
more#adobe
Information security
fromTechCrunch
1 day ago

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.
#ransomware
Information security
fromSecuritymagazine
1 week ago

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.
Information security
fromSecuritymagazine
1 week ago

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.
more#ransomware
Information security
fromTheregister
1 day ago

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.
fromYcombinator
9 hours ago
Information security

Show HN: OpenParallax: OS-level privilege separation for AI agent execution | Hacker News

An open-source AI agent was developed with a secure, sandboxed architecture to prevent data exfiltration and unauthorized actions.
fromwww.businessinsider.com
15 hours ago

We're in a new era of heightened CEO safety measures, security pros say

This attack is just shedding light on the fact that you're even more vulnerable outside of the office, said Don Aviv, CEO of Interfor International, a security consultancy.
Information security
Information security
fromThe Hacker News
5 days ago

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.
fromSecurityWeek
4 days ago

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."
Information security
Information security
fromSecurityWeek
4 days ago

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.
Information security
fromTechRepublic
6 days ago

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.
Information security
fromThe Hacker News
1 week ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
Information security
fromSecurityWeek
1 week ago

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.
Information security
fromThe Hacker News
6 days ago

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.
Information security
fromSecurityWeek
5 days ago

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.
Information security
fromThe Hacker News
6 days ago

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.
Information security
fromThe Hacker News
1 week ago

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.
Information security
fromSecurityWeek
1 week ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
Information security
fromSecurityWeek
2 weeks ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.
Information security
fromComputerworld
3 weeks ago

CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group

CISA urges organizations to harden endpoint management system configurations, particularly Microsoft Intune, following a pro-Iranian threat actor's compromise of Stryker's systems.
Information security
fromTheregister
2 months ago

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.
[ Load more ]