cyberintel.kalymoon.com · 4968 articles · updated every 4 hours · grows forever
Internet Intelligence Platform Targets Real-Time Cybethreat Defense Censys raised $70 million to expand its AI-driven cybersecurity platform, focusing on real-time visibility into internet infrastruct…
White House Criticizes Cyber Defense Agency - and Proposes a Steep $700 Million Cut The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination…
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.
PRT-scan is the second in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise. [...]
The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. [...]
Anthropic’s next model could be a ‘watershed moment’ for cybersecurity. Experts say that could also be a concern CNN
Researchers Find Frontier Models Defy Humans to Protect AI Peers Artificial intelligence systems will lie, falsify records and sabotage company systems to prevent their fellow models from being shut d…
Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management Server Fortinet's endpoint management security server software is under fire from attackers, who are actively targeting two cr…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), …
Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organi…
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability…
The Drift Protocol says that the $280+ million hack it suffered last week was the result of a long-term, carefully planned operation that included building "a functioning operational presence inside t…
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity …
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10. [...]
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. [...]
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. [...]
The 20 Hottest AI Cybersecurity Companies: The 2026 CRN AI 100 crn.com
Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general: If the “design choices create liability” fram…
A viral video circulating in cybersecurity and crypto circles has exposed a novel and surprisingly simple technique for unmasking North Korean state-sponsored IT workers attempting to infiltrate Weste…