CERT-UA reported PLUGGYAPE malware attacks on Ukraine’s defense forces, linked with medium confidence to Russia’s Void Blizzard group. The Computer Emergency Response Team of Ukraine (CERT-UA) reported new cyberattacks against Ukraine’s defense forces using PLUGGYAPE malware. Government experts attributed the…
Category: EN
The multibillion-dollar AI security problem enterprises can’t ignore
AI agents are supposed to make work easier. But they’re also creating a whole new category of security nightmares. As companies deploy AI-powered chatbots, agents, and copilots across their operations, they’re facing a new risk: How do you let employees and AI…
Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers
The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the…
The multi-billion AI security problem enterprises can’t ignore
AI agents are supposed to make work easier. But they’re also creating a whole new category of security nightmares. As companies deploy AI-powered chatbots, agents, and copilots across their operations, they’re facing a new risk: how do you let employees and AI agents use…
Hacking Wheelchairs over Bluetooth
Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory. CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the targeted device to pair…
New China Linked VoidLink Linux Malware Targets Major Cloud Providers
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden. This article has been indexed from Hackread – Cybersecurity News, Data…
Verizon Outage Knocks Out US Mobile Service, Including Some 911 Calls
A major Verizon outage appeared to impact customers across the United States starting around noon ET on Wednesday. Calls to Verizon customers from other carriers may also be impacted. This article has been indexed from Security Latest Read the original…
Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain, (Wed, Jan 14th)
Introduction This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain, (Wed, Jan 14th)
Structure and reliability in e-commerce platforms
A successful e-commerce platform requires more than just a good-looking design. Security, stability, speed, and scalability are key… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: Structure and reliability…
Aikido Security Raises $60 Million at $1 Billion Valuation
The developer security company has raised a total of more than $84 million in funding. The post Aikido Security Raises $60 Million at $1 Billion Valuation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Living Security Adds AI Engine to Surface Risky End User Behavior
Living Security revealed it is beta testing an artificial intelligence (AI) engine on its platform that continuously analyzes billions of signals to predict risk trajectories, recommend the most effective actions, and automate routine interventions to better secure employees and, by…
Microsoft named a Leader in IDC MarketScape for Unified AI Governance Platforms
Microsoft is honored to be named a Leader in the 2025–2026 IDC MarketScape for Unified AI Governance Platforms, highlighting our commitment to making AI innovation safe, responsible, and enterprise-ready. The post Microsoft named a Leader in IDC MarketScape for Unified…
Vibe coding security risks and how to mitigate them
<p>Vibe coding — using generative AI to help write code — has gained traction as developers tap into AI to build software. Rather than hand-code every line of logic, developers interact with AI systems using natural language and iterative adjustment.</p>…
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sessions via a phishing link without further interaction. Attackers initiate Reprompt by sending a…
Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems
DragonForce is the latest ransomware brand to move from noisy forum posts to full RaaS operations, targeting both Windows and VMware ESXi environments. First seen in December 2023 on BreachForums, the group advertises stolen data and uses a dark web…
AI security firm, depthfirst, announces $40 million Series A
The company used an AI-native platform to help companies fight threats. This article has been indexed from Security News | TechCrunch Read the original article: AI security firm, depthfirst, announces $40 million Series A
Investor Lawsuit Over CrowdStrike Outage Dismissed
A judge has ruled that the plaintiffs failed to demonstrate intent to defraud investors. The post Investor Lawsuit Over CrowdStrike Outage Dismissed appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Investor Lawsuit Over…
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada on January 27, 2026, at 1:30 PM ET. I’m speaking at…
North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign
North Korean threat actors have launched a sophisticated social engineering campaign targeting software developers through fake recruitment offers. The campaign, known as Contagious Interview, uses malicious repositories disguised as technical assessment projects to deploy a dual-layer malware system. Victims are…
CrowdStrike Acquires Browser Security Startup Seraphic in Latest Buying Spree
CrowdStrike Holdings Inc. announced Tuesday it has signed a definitive agreement to acquire Seraphic Security, a browser security startup, marking the cybersecurity giant’s fourth acquisition since August and its second in less than a week. While CrowdStrike did not disclose…