Gig Worker Platforms at Risk for Data Breaches, Fraud, Account Takeovers – Dark Reading
Fraudsters are targeting high-turnover workforces and compromising accounts that are associated with frequent payouts. – Read More
Phishing Kit Darcula Gets Lethal AI Upgrade – Dark Reading
Recently added artificial intelligence capabilities on the Chinese-language Darcula phishing-as-a-service platform make phishing attacks easy for even the least technical hackers. – Read More
FBI: Cybercrime Losses Rocket to $16.6B in 2024 – Dark Reading
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according…
Dye & Durham enhances environmental due diligence with ClimateCheck™ integration – Legal Futures
New EnviroAssure and Enviro360™ reports equip conveyancers with future-focused climate data ahead of anticipated updated Law Society guidance The post Dye & Durham enhances environmental due diligence with ClimateCheck™ integration…
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware – The Hacker News
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea’s…
Navigating Regulatory Shifts & AI Risks – Dark Reading
By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage. – Read More
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure – The Hacker News
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. “We continue to see…
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools – The Hacker News
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a “major blind…
Trotz Back-Up: 86 Prozent der Unternehmen zahlen Lösegeld – CSO Online
80 Prozent der Cyberangriffe beginnen mit kompromittierten Zugangsdaten und einem Active Directory. Andrey_Popov – shutterstock.com Cybertools um sich gegen Angriffe zu wappnen, werden genauso wie Kampagnen zur Sensibilisierung gegen Phishing…
GitHub secrets: Deleted files still pose risks – CSO Online
Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials, if threat actors knew where and how to look. Cybersecurity researcher Sharon Brizinov…
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals – The Hacker News
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. “This addition lowers the technical barrier for…
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign – The Hacker News
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an…
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely – The Hacker News
A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028, carries a CVSS score…
Cohesity-Veritas makes its pitch: Real-time cyberattack data recovery, AI analysis without the data lake – CSO Online
Cohesity, a data protection company, held its first press conference in Korea since its merger with Veritas and began to make full-fledged inroads into the domestic market. At an April…
10 key questions security leaders must ask at RSA 2025 – CSO Online
The 2025 RSA Conference is right around the corner, certain to be buzzing with marketing propaganda, intriguing innovations, and bold claims as always. But this year’s gathering at Moscone Center…