The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Lots of interesting statistics. Press release . News articles .
cyberintel.kalymoon.com · 8648 articles · updated every 4 hours · grows forever
The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Lots of interesting statistics. Press release . News articles .
A dangerous malware campaign known as Glassworm has been spreading through the tools that software developers trust most every day. By abusing popular platforms like npm, PyPI, OpenVSX, and GitHub, th…
Apple is reportedly developing a new iPhone security feature designed to automatically lock the device the moment it detects a theft-in-progress, a significant upgrade to the company’s existing anti-t…
Phishing attacks are nothing new, but attackers keep finding smarter ways to stay one step ahead of security tools. The latest campaign doing the rounds is a stark reminder that trust, especially the …
A well-known open-source security framework called ROADtools has been turned against the organizations it was originally built to protect. Once a legitimate red-teaming tool, attackers are now activel…
UK firms plan higher cyber spending as AI adoption raises security concerns
Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans
For most of my career running security operations, the shape of cyber conflict has been defined by who could move faster than the other side. Faster at identifying a vulnerability, faster at patching,…
Generative AI tools operate inside nearly every European workplace, embedded in meeting transcription services, writing assistants, coding copilots, and search features. Workers in the region pull the…
In this Help Net Security video, Ido Livneh, CEO of Jazz, explains why security analysts burn out and what leaders can do about it. The cause, he argues, is not long hours but meaningless work. Analys…
Vigolium, an open-source vulnerability scanner that combines deterministic scanning with AI-driven auditing, launched its initial open-source release this month. The project ships 235+ scanner modules…
Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the c…
Novee has announced Agentic Fix, an enhancement to its AI penetration testing platform that helps teams move from validating security findings to deploying fixes in a single step. Agentic Fix extends …
AppOmni has launched Marlin AI to transform how enterprise organizations defend complex SaaS applications. Marlin AI delivers autonomous AI-powered SaaS security that leverages AppOmni’s deep SaaS app…
Jetico has announced the extension of BestCrypt Data Shelter to include centrally managed enterprise data access control for sensitive files. The solution allows security teams to define and enforce p…
Franklin Access has launched a three-layer security system integrated into its Wi-Fi routers, delivering enterprise-grade protection for consumers and small businesses. The system runs automatically i…
Apple has published its post-quantum cryptography implementations in corecrypto, together with mathematical proofs and verification tools for independent expert evaluation, allowing external researche…
Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The down…
The FBI has issued an alert warning of Silent Ransom Group attacks targeting law firms. The post FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data appeared first on Securit…
The attack was claimed by a hacktivist group, but evidence showed it used infrastructure linked to Iranian government threat actors. The post LA Metro Cyberattack Linked to Iranian State-Sponsored Hac…
Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware. The post GlassWorm Botnet Disrupted appeared first on SecurityWeek .
Malicious repositories and disguised symlinks can trick AI coding agents into silently installing attacker-controlled MCP servers capable of stealing secrets, compromising CI pipelines, and deploying …
As AI accelerates phishing, session hijacking, and credential abuse, security teams are racing to close the gap between attacker speed and defensive response. The post The Credential Crisis: How Stole…
The new funding, led by BDC Capital’s StrongNorth Fund, will accelerate Lastwall’s North American expansion. The post Lastwall Raises $11.5 Million for Quantum-Resilient Identity Platform appeared fir…