Start your red teaming journey with intent, not ambition. Designate a lead with both AI literacy and a security mindset. The post A Practical Guide to Building a Red Teaming Strategy for AI appeared first on Security Boulevard. This article…
Qantas Investigates Cyber Attack That May Have Affected Millions of Customers
Qantas Airways has revealed that a cyber attack on one of its third-party service platforms may have compromised the personal data of up to six million customers. The breach was linked to a customer service tool used by a…
Ahold Delhaize USA Faces Data Breach Exposing Sensitive Information
In an announcement published by Ahold Delhaize, a leading global food retailer, the company confirmed that a significant data breach has compromised the personal information of over 2.2 million people across several countries. With nearly 10,000 stores located across Europe,…
Parking Meter QR Code Scam Grows Nationwide as “Quishing” Threatens Drivers
A growing scam involving fake QR codes on parking meters is putting unsuspecting drivers at risk of financial fraud. This deceptive tactic—called “quishing,” a blend of “QR” and “phishing”—relies on tampered QR codes that redirect people to bogus websites…
US Government Secretly Builds Enormous Database Tracking Citizens
An explosive story regarding the Trump administration’s collaboration with Palantir, which could result in the creation of a master database containing data on every American, was released by the New York Times last month. If such a “master list”…
Qantas Hit by Cyberattack Days After FBI Warning on Airline 2FA Bypass Threat
Just days after the FBI warned airlines about a surge in 2FA bypass attacks by the hacker group Scattered Spider, Australian airline Qantas has confirmed a major cybersecurity incident. The breach, which targeted a third-party platform used for customer…
Vulnerability Summary for the Week of June 30, 2025
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info ABB–RMC-100 Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network,…
Learn how to build an AI-powered, unified SOC in new Microsoft e-book
Read Coordinated Defense: Building an AI-powered, unified SOC, the new e-book on how organizations can unify security operations to better meet the challenges of today’s cyberthreat landscape. The post Learn how to build an AI-powered, unified SOC in new Microsoft…
Enhancing Microsoft 365 security by eliminating high-privilege access
In this blog you will hear directly from Microsoft’s Deputy Chief Information Security Officer (CISO) for Experiences and Devices, Naresh Kannan, about eliminating high-privileged access across all Microsoft 365 applications. This blog is part of an ongoing series where our…
It’s time to give AI security its own playbook and the people to run it
In this Help Net Security interview, Dr. Nicole Nichols, Distinguished Engineer in Machine Learning Security at Palo Alto Networks, discusses why existing security models need to evolve to address the risks of AI agents. She explains how organizations should approach…
Why your security team feels stuck
Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or blocked apps that send workers into the arms of shadow IT. But there’s a different kind of friction happening behind…
IPinfo boosts privacy detection capabilities with Residential Proxy Detection API
IPinfo launched Residential Proxy Detection API, extending its privacy detection capabilities to help security and fraud prevention teams identify one of the most evasive forms of anonymized IP traffic. Residential Proxy Detection is also available via downloadable database and Snowflake…
Zenni ID Guard disrupts unwanted infrared facial tracking
Zenni Optical introduces Zenni ID Guard, a privacy-focused lens technology that reflects near-infrared light to help disrupt unwanted tracking. It’s a shield for your face, built right into your everyday glasses, all at an accessible price. The growing use of…
Barracuda protects Microsoft Entra ID environment from data loss
Barracuda Networks launched Barracuda Entra ID Backup Premium – a comprehensive, cost-effective solution to safeguard Microsoft Entra ID environments from accidental and malicious data loss. With fast, reliable recovery of vital identity data, the new offering strengthens cyber resilience and…
5 Ways Identity-based Attacks Are Breaching Retail
From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about… In recent months, major retailers like Adidas, The North Face,…
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per ReversingLabs, occurred via a GitHub pull request that was…
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google’s official app marketplace. The malware, disguised as a “PDF Update” to a…
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware. The company behind the software said a company…
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other…
Congratulations to the top MSRC 2025 Q2 security researchers!
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2025 Q2 Security Researcher Leaderboard are…
Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries
The company behind AV/EDR evasion tool Shellter has confirmed the product is being used by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries
Malicious Open Source Packages Surge 188% Annually
Sonatype’s latest Open Source Malware Index report has identified more than 16,000 malicious open source packages, representing a 188% annual increase This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Open Source Packages Surge 188% Annually
Over 500 Scattered Spider Phishing Domains Poised to Target Multiple Industries
Check Point discovered around 500 suspected Scattered Spider phishing domains, suggesting the group is preparing to expand its targeting This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 500 Scattered Spider Phishing Domains Poised to Target Multiple…
Researchers Reveal 18 Malicious Chrome and Edge Extensions Disguised as Everyday Tools
Researchers from Koi Security have detected 18 malicious Chrome and Edge extensions masquerading as benign productivity and entertainment tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Reveal 18 Malicious Chrome and Edge Extensions Disguised as…