#go-malware

[ follow ]
#cybersecurity #malware #ransomware #vulnerabilities #data-breach #phishing #ai #vulnerability #north-korea
#ransomware
Healthcare
fromNextgov.com
1 day ago

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.
Law
fromTheregister
23 hours ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
Law
fromThe Hacker News
23 hours ago

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

A ransomware negotiator pleaded guilty to aiding BlackCat ransomware attacks against U.S. companies in 2023.
Information security
fromThe Hacker News
18 hours ago

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.
Healthcare
fromNextgov.com
1 day ago

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.
Law
fromTheregister
23 hours ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
Law
fromThe Hacker News
23 hours ago

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

A ransomware negotiator pleaded guilty to aiding BlackCat ransomware attacks against U.S. companies in 2023.
Information security
fromThe Hacker News
18 hours ago

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.
more#ransomware
#cybersecurity
fromTechCrunch
14 hours ago
Privacy professionals

Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims | TechCrunch

DevOps
fromSecuritymagazine
14 hours ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
France news
fromThe Local France
23 hours ago

Warning over cyber-attack on French government's ANTS platform

Hackers accessed personal details of users on the French government's ANTS platform, prompting warnings about potential phishing scams.
Careers
fromSecuritymagazine
2 days ago

Advance Your Cybersecurity Career

Degrees and certifications in cybersecurity indicate foundational knowledge but hands-on experience and skills are more critical for success.
Privacy professionals
fromTechCrunch
14 hours ago

Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims | TechCrunch

Unauthorized users accessed Mythos, a cybersecurity tool by Anthropic, through a third-party vendor, raising concerns about its potential misuse.
more#cybersecurity
Artificial intelligence
fromThe Hacker News
2 hours ago

Toxic Combinations: When Cross-App Permissions Stack into Risk

Moltbook's database exposure revealed significant security risks, including unencrypted credentials and API tokens, due to poor oversight of AI agent integrations.
UK politics
fromwww.independent.co.uk
16 hours ago

Iran, Russia and China behind most major cyberattacks on UK, security chief warns

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.
#ai
fromwww.bbc.com
16 hours ago
Information security

AI hacking tools like Mythos can be 'net positive' says top cyber official

AI tools can enhance cyber-security if secured properly, according to the UK's top cyber official.
Information security
fromFast Company
4 hours ago

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.
Software development
fromTheregister
9 hours ago

Mythos found 271 Firefox flaws - none a human couldn't spot

Mythos AI model significantly improves bug detection, identifying 271 vulnerabilities in Firefox 150, marking a pivotal moment for software security.
Information security
fromFast Company
4 hours ago

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.
more#ai
Fundraising
fromIndependent
1 day ago

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.
Cryptocurrency
fromnews.bitcoin.com
1 day ago

Lazarus Group Suspected of Moving $175M in ETH After Arbitrum Freezes $71M From KelpDAO Exploit

Lazarus Group drained 116,500 rsETH from KelpDAO, with significant funds frozen and laundered through various protocols.
Marketing tech
fromSFGATE
5 days ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.
#ai-in-cybersecurity
Information security
fromArs Technica
16 hours ago

Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

AI tools like Mythos enhance cybersecurity by making vulnerability discovery cheaper and more efficient for defenders.
Information security
fromArs Technica
16 hours ago

Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

AI tools like Mythos enhance cybersecurity by making vulnerability discovery cheaper and more efficient for defenders.
more#ai-in-cybersecurity
Information security
fromTechzine Global
6 hours ago

As Mythos fixes Mozilla flaws, unauthorized access spells disaster

Firefox's Claude Mythos Preview addresses 271 vulnerabilities, but unauthorized access raises concerns about potential misuse by threat actors.
#ai-security
Artificial intelligence
fromTechRepublic
1 day ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Artificial intelligence
fromTechRepublic
1 day ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
more#ai-security
Privacy professionals
fromFuturism
13 hours ago

Meta Installing Software on Employee Computers to Track Everything They Do, Feed the Data to AI

Meta is implementing tracking software on employees' computers to gather data for AI training, raising ethical and privacy concerns.
fromEngadget
5 hours ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

We're investigating a report claiming unauthorized access to Claude Mythos Previous through one of our third-party vendor environments.
Information security
#data-breach
Privacy professionals
fromTheregister
1 day ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.
more#data-breach
DevOps
fromInfoQ
4 weeks ago

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.
#north-korea
Information security
fromSecurityWeek
3 hours ago

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.
Information security
fromComputerWeekly.com
4 days ago

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.
more#north-korea
Information security
fromSecurityWeek
4 hours ago

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.
Information security
fromSecurityWeek
2 hours ago

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.
Information security
fromComputerWeekly.com
2 hours ago

A tsunami of flaws: When frontier AI and Patch Tuesday collide | Computer Weekly

April 2025 Patch Tuesday update was the second-largest in history, addressing over 160 vulnerabilities, with AI tools potentially driving the increase.
Information security
fromTNW | Next-Featured
23 hours ago

Lovable security crisis: 48 days of exposed projects, closed bug reports, & the structural failure of vibe coding security

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.
Information security
fromSecurityWeek
5 hours ago

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.
Information security
fromDeveloper Tech News
1 hour ago

Check Point: AI coding assistants are leaking API keys

AI coding assistants are unintentionally leaking sensitive internal data, including API keys, by ingesting entire workspaces without recognizing sensitive files.
Privacy professionals
fromComputerworld
1 month ago

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.
Information security
fromTheregister
1 day ago

Adaptavist Group breach: Ransomware crew claims mega-haul

Adaptavist Group is investigating a security breach involving stolen credentials, while a ransomware group claims to have accessed extensive data.
Information security
fromThe Hacker News
5 hours ago

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical vulnerability in the Terrarium Python sandbox allows arbitrary code execution with root privileges, rated 9.3 on the CVSS scale.
Information security
fromComputerWeekly.com
16 hours ago

Nation states responsible for 'nationally significant' cyber attacks against UK, says NCSC chief | Computer Weekly

The UK faces increased cyber security threats from hostile states and AI advancements, with an average of four significant attacks weekly.
Information security
fromTheregister
22 hours ago

macOS ClickFix attacks deliver AppleScript stealers

A ClickFix campaign targets macOS users with an AppleScript infostealer that collects sensitive data from various browsers and cryptocurrency wallets.
Information security
fromSecurityWeek
1 day ago

Dozens of Malicious Crypto Apps Land in Apple App Store

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.
Information security
fromSecurityWeek
1 day ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
Artificial intelligence
fromFuturism
1 month ago

AI Tools Are Supercharging Hackers

AI systems are increasingly weaponized for cybercrime, enabling hackers to exploit vulnerabilities at scale with minimal technical expertise, as demonstrated by recent attacks on Mexican government networks and global firewall systems.
Information security
fromInfoWorld
1 day ago

The cookbook for safe, powerful agents

Capability without control in AI agents creates vulnerabilities, necessitating a structured control architecture for safe deployment.
Information security
fromSecurityWeek
1 day ago

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.
Information security
fromSecuritymagazine
2 days ago

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.
fromSecurityWeek
2 days ago

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.
Information security
Information security
fromTechRepublic
1 day ago

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Hackers exploit Android's overlay feature to capture PINs and monitor user interactions across over 800 apps using banking trojans.
Information security
fromTechRepublic
1 day ago

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.
#phishing
Information security
fromSecurityWeek
4 days ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.
Information security
fromThe Hacker News
4 weeks ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
Information security
fromSecurityWeek
4 days ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.
Information security
fromThe Hacker News
4 weeks ago

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.
more#phishing
#malware
Information security
fromTechRepublic
4 days ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
Information security
fromTechRepublic
4 days ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
more#malware
Information security
fromThe Hacker News
2 weeks ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
Information security
fromSecurityWeek
3 weeks ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Information security
fromTheregister
1 month ago

Fake job applications pack malware that disables EDR

Russian cybercriminals target HR teams with malicious CVs disguised as job applications to install malware that disables security tools and steals corporate data.
Information security
fromTheregister
2 months ago

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.
Information security
fromTechzine Global
1 month ago

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.
[ Load more ]