PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubbed PHALT#BLYX, targeting European hotels with fake Booking-themed emails. Victims are redirected to bogus…
Tag: EN
Hexnode XDR unifies detection, investigation, and response in one platform
Hexnode has launched Hexnode XDR, its new extended detection and response platform, taking an important step toward making enterprise-level security more accessible for IT teams of all sizes. The platform brings detection, investigation, and response together in one place, laying…
Exabeam helps teams assess their security posture around AI usage and agent activity
Exabeam announced it is the first to deliver a connected system of AI-driven security workflows to protect organizations from the risks of AI usage and AI agent activity. This release extends the company’s user and entity behavior analytics (UEBA) to…
Chrome “WebView” Vulnerability Allows Hackers to Bypass Security Restrictions
Google has released an urgent security update for the Chrome browser to address a high-severity vulnerability in the WebView tag component that could allow attackers to bypass critical security restrictions. Google rolled out Chrome version 143.0.7499.192/.193 for Windows and Mac,…
Keysight empowers engineering teams to build trustworthy AI systems
Keysight Technologies introduced Keysight AI Software Integrity Builder, a new software solution designed to transform how AI-enabled systems are validated and maintained to ensure trustworthiness. As regulatory scrutiny increases and AI development becomes increasingly complex, the solution delivers transparent, adaptable,…
When AI agents interact, risk can emerge without warning
System level risks can arise when AI agents interact over time, according to new research that examines how collective behavior forms inside multi agent systems. The study finds that feedback loops, shared signals, and coordination patterns can produce outcomes that…
NSFOCUS SSCS Recognized by Frost&Sullivan in Insights for CISOs: Challenges and Opportunities in the Software Supply Chain Security Space
Recently, the world-renowned market research firm Frost & Sullivan officially released a strategic report: Insights for CISOs: Challenges and Opportunities in the Software Supply Chain Security Space. In this report tailored for the global CISO community, NSFOCUS was featured among…
What European security teams are struggling to operationalize
European security and compliance teams spend a lot of time talking about regulation. A new forecast report from Kiteworks suggests the harder problem sits elsewhere. According to the report, many European organizations have strong regulatory frameworks on paper, driven by…
Gen AI data violations more than double
Security teams track activity that moves well beyond traditional SaaS platforms, with employees interacting daily with generative AI tools, personal cloud services, and automated systems that exchange data without direct human input. These patterns shape how sensitive information moves across…
Kimwolf Bot Strikes – “Routers Will Not Protect You”
In this episode of Cybersecurity Today, host Jim Love discusses the latest in cybersecurity threats including the rapidly growing Kim Wolf botnet affecting millions of devices, the rising threats to file-sharing environments, and the intersection of cybercrime with physical supply…
Quantum structured light could transform secure communication and computing
Scientists are learning to engineer light in rich, multidimensional ways that dramatically increase how much information a single photon can carry. This leap could make quantum communication more secure, quantum computers more efficient, and sensors far more sensitive. Recent advances…
Identity security planning for 2026 is shifting under pressure
Identity security planning is becoming more focused on scale, governance, and operational strain, according to the Identity Security Outlook 2026 report. The ManageEngine research draws on responses from 515 identity and security leaders in the United States and Canada and…
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3), concerns a case of command injection in the “dnscfg.cgi” endpoint that arises…
Malicious Chrome Extension Steal ChatGPT and DeepSeek Conversations from 900K Users
Two rogue Chrome extensions have compromised over 900,000 users by secretly exfiltrating ChatGPT and DeepSeek conversations, along with full browsing histories, to attacker servers. Discovered by OX Security researchers, the malware impersonates the legitimate AITOPIA AI sidebar tool, with one…
ISC Stormcast For Wednesday, January 7th, 2026 https://isc.sans.edu/podcastdetail/9756, (Wed, Jan 7th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, January 7th, 2026…
Red Hat Hybrid Cloud Console: Your questions answered
Managing a hybrid environment can feel like a balancing act between disparate sets of fragmented tools used for all the different platforms you interact with. If that sounds familiar, then your team needs integrated management across your diverse hybrid infrastructure.…
Algorithmic Agility in MCP Server-Client Cryptographic Negotiation
Learn how to implement algorithmic agility and post-quantum cryptography in MCP server-client negotiations to secure AI infrastructure against future threats. The post Algorithmic Agility in MCP Server-Client Cryptographic Negotiation appeared first on Security Boulevard. This article has been indexed from…
Spotify Flags Unauthorised Access to Music Catalogue
Spotify reported that a third party had scraped parts of its music catalogue after a pirate activist group claimed it had released metadata and audio files linked to hundreds of millions of tracks. The streaming company said an investigation…
How Gender Politics Are Reshaping Data Privacy and Personal Information
The contemporary legal and administrative actions in the United States are revamping how personal data is recorded, shared, and accessed by government systems. For transgender and gender diverse individuals, these changes carry heightened risks, as identity records and healthcare information…
HackerOne ‘ghosted’ me for months over $8,500 bug bounty, says researcher
Long after CVEs issued and open source flaws fixed Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a popular Kubernetes controller, via HackerOne’s Internet Bug Bounty (IBB) program. Both were assigned CVEs and have since been fixed.…