An OnDemand Webinar from Elastic
cyberintel.kalymoon.com · 7893 articles · updated every 4 hours · grows forever
An OnDemand Webinar from Elastic
DC, United States, June 23rd, 2026, CyberNewswire Applications open 23 June–4 August 2026 to support nonprofits strengthening cybersecurity for civil society. The Internet Society Foundation today ann…
Phishing attacks have grown far more complex in recent years. Attackers no longer rely on simple static pages to steal credentials. Instead, they build layered redirect chains, execute dynamic scripts…
A well-known threat actor called Dropping Elephant has returned with a refined and more dangerous campaign, using a China-themed lure document to drop a reworked remote access trojan (RAT) onto victim…
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as FortiBleed that has targeted over 430,000 FortiG…
Microsoft has released the KB5095093 preview cumulative update for Windows 11 24H2 and 25H2, which fixes numerous bugs and begins rolling out new features, including the new Point-in-Time restore fe…
Tata Electronics has confirmed in a statement to BleepingComputer that it was the target of a cyberattack that impacted parts of its IT infrastructure. [...]
A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]
As agentic AI expands the attack surface and accelerates cyberattacks, organizations must focus on containing breaches rather than preventing every intrusion, says Akamai's Mani Sundaram. He explores …
Members of Scattered Spider Group Admit Disrupting London Underground Operator Two young Englishmen pleaded guilty to hacking London Underground operator Transport for London. The 2024 attack by the S…
Threat Actor Harvesting Other Credentials; Experts See Many More Scans for SSL-VPNs Discovery of the Fortinet credential-harvesting campaign tracked as "FortiBleed" appears to be the "tip of the icebe…
Anthropic experienced a service disruption on Tuesday that produced elevated error rates across multiple Claude models, according to the company’s official status page. By mid-afternoon UTC the compan…
Most organizations spend a lot of time locking the front door of their cloud environments. Firewalls, access controls, and web application filters get the bulk of attention because that is where visib…
India’s leading two-wheeler manufacturer, Bajaj Auto, disclosed on Tuesday that it fell victim to a ransomware attack that compromised systems at both the parent company and its wholly owned technolog…
Most SOCs measure threat intelligence the same way they measure storage: bigger is better. A feed that delivers two million indicators a month looks more impressive on a vendor scorecard than one that…
Anthropic has unveiled Claude Tag, a new agentic AI feature that integrates directly into Slack, allowing teams to tag @Claude as a collaborative team member to delegate tasks, automate workflows, and…
US President Donald Trump on Monday signed a pair of executive orders aimed at accelerating the federal government’s transition to post-quantum cryptography while expanding US investment in quantum te…
Named EmberAI, the new capability is built on Dragos’ massive operational technology cybersecurity dataset. The post Dragos Unveils AI for OT Security appeared first on SecurityWeek .
The CI/CD workflow weakness affects Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, and Python Software Foundation's Black.
President Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and high-impact systems to post-quantum cryptography. Key establishment must …
Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts. Every…
A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files. [...]
Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. [...]