Developers across popular integrated development environments (IDEs) like Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor are at risk of running malicious extensions marked as “verified.” A new report…
Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit…
Bereits zum zweiten Mal in einer Woche muss Cisco eine Schwachstelle mit höchsten Schweregrad melden. JarTee – shutterstock.com Cisco meldete kürzlich eine Schwachstelle mit höchster Schweregradbewertung (CVSS 10 von 10)…
Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom GenAI workflows are creating new, hidden ways for…
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on…
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users’ cellular data when they were…
Bundesinnenminister Alexander Dobrindt will den Schutz vor Cyberangriffen verstärken. hotocosmos1 – shutterstock.com Bundesinnenminister Alexander Dobrindt (CSU) hat verstärkte Maßnahmen gegen Cyberangriffe angekündigt. “Uns geht es darum, dass wir einen Cyber…
Fourth-party vendors have become a serious supply chain cybersecurity blind spot. Unlike third parties with direct contractual relationships, fourth parties — the suppliers your vendors rely on — often operate…
Cybersicherheit zu messen, ist kein Kinderspiel. Foto: Ultraskrip – shutterstock.com Eine wichtige Säule jedes ausgereiften Cyberrisk-Programms ist die Fähigkeit, die Performance der IT-Security und registrierte Bedrohungen zu messen, zu analysieren…
Ransomware gang Hunters International says it’s shutting down its operations for unexplained reasons, and is offering decryption keys to victim organizations. The offer of decryption keys could be good news…
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But…
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN. The identified apps were designed to load…
Deloitte’s new blueprint looks to bridge the gap between the massive push for AI adoption and a lack of preparedness among leaders and employees. – Read More
As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the Dark Web. – Read More
The Anti-Phishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloading malware. – Read More