AWWA Supports Introduction of Collaborative Cybersecurity Legislation – Dark Reading
Post Content – Read More
Cyber
Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved – Dark Reading
Post Content – Read More
Attackers and Defenders Lean on AI in Identity Fraud Battle – Dark Reading
Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire. – Read More
Chinese APT Mustang Panda Debuts 4 New Attack Tools – Dark Reading
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal. – Read More
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States – The Hacker News
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024. “The toll…
CISA Weighs in on Alleged Oracle Cloud Breach – Dark Reading
The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.…
If Boards Don’t Fix OT Security, Regulators Will – Dark Reading
Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won’t drive up security maturity for operational technology unless they’re made to.…
Apple Zero-Days Under ‘Sophisticated Attack,’ but Details Lacking – Dark Reading
The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against “specific targeted individuals,” which suggests spyware or nation-state threat activity. – Read More
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader – The Hacker News
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass…
[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach – The Hacker News
Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated…
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT – The Hacker News
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting…
When AI moves beyond human oversight: The cybersecurity risks of self-sustaining systems – CSO Online
Artificial intelligence is no longer just a tool executing predefined commands, it is increasingly capable of modifying itself, rewriting its own parameters, and evolving based on real-time feedback. This self-sustaining…
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation…
Will politicization of security clearances make US cybersecurity firms radioactive? – CSO Online
With the US government now tying security clearances to the support of specific political positions, many in the security community fear it may tar US vendors with the same brush…
Dogged by Trump, Chris Krebs Resigns from SentinelOne – Dark Reading
The president revoked the former CISA director’s security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation. – Read More