Microsoft disrupts RedVDS, a subscription service tied to AI-powered phishing and BEC attacks
Microsoft says it disrupted RedVDS, a criminal subscription service linked to AI-assisted phishing, BEC and fraud that cost victims millions.
Beast ransomware server exposure reveals a playbook built to kill backups
An exposed Beast ransomware server suggests the gang systematically targets backups to block recovery and increase extortion pressure.
CISA flags five newly exploited flaws affecting Apple, Craft CMS, and Laravel Livewire
CISA added five actively exploited flaws affecting Apple, Craft CMS, and Laravel Livewire to its KEV Catalog, signaling urgent patching needs.
New Perseus Android banking malware monitors notes apps to steal sensitive data
Perseus, a new Android banking trojan, uses droppers and notes-app monitoring to steal secrets and enable device takeover fraud.
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA says organizations should harden Microsoft Intune after attackers reportedly abused it to wipe systems in the Stryker breach.
Inc ransomware group holds healthcare hostage in Oceania
INC Ransomware’s attacks in Australia, New Zealand, and Tonga show how healthcare outages can quickly become public-safety and privacy crises.
Bitrefill points to Lazarus-linked Bluenoroff in suspected North Korean cyberattack
Bitrefill says a recent cyberattack likely came from Lazarus-linked Bluenoroff, underscoring North Korea’s continued focus on crypto targets.
Iran MOIS colludes with criminals to boost cyberattacks
Iran’s MOIS is reportedly working with cybercriminals, blurring espionage and extortion while making attribution and defense harder.
The collapse of predictive security in the age of machine-speed attacks
Attackers now weaponize flaws in hours or days, forcing defenders to shift from predictive patching to preemptive exposure reduction.
What boards must demand in the age of AI-automated exploitation
AI is shrinking the time between disclosure and exploitation, forcing boards to demand faster remediation and defensible cyber risk decisions.
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
PolyShell reportedly enables unauthenticated RCE on Magento 2.x stores, raising urgent patching and compromise-check demands for merchants.
Critical n8n flaws allow remote code execution and exposure of stored credentials
Two critical n8n flaws could enable remote code execution and expose stored credentials, putting connected cloud and internal systems at risk.