Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. [...]
cyberintel.kalymoon.com · 7918 articles · updated every 4 hours · grows forever
Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. [...]
AI models capable of devastating attacks on governments and business months away, rare Five Eyes statement warns The Guardian
Emergency alert systems work because people believe them. Every time one of these systems issues a false alert - whether through negligence or a deliberate attack - trust erodes. Read more in my artic…
A newly discovered supply chain flaw is putting thousands of organizations at serious risk. Named Cordyceps after the parasitic fungus known for taking over its hosts, this critical vulnerability quie…
Cybercriminals have found a clever and largely invisible way to send unsuspecting internet users straight to fake or compromised websites, and the FBI wants the public to know about it. The method inv…
A newly analyzed macOS backdoor called FlutterShell has been quietly targeting Mac users by disguising itself as legitimate productivity apps. It abuses Google’s Flutter app development framework to b…
A routine ransomware investigation turned into something far more alarming when security researchers uncovered two separate threat actors quietly sharing the same compromised environment. What started…
New research found that 2,058 of 6,038 apps across the LG webOS and Samsung Tizen ecosystems included residential proxy SDKs, effectively turning smart TVs into exit nodes for third-party internet tra…
The Five Eyes cyber security agencies have issued a joint warning urging governments, businesses, and critical infrastructure operators to adopt a “whole-of-organization and whole-of-society response”…
Multiple critical vulnerabilities in Dify could expose sensitive AI data across tenants and potentially impact more than one million applications. Dify, which powers AI workflows, chatbots, and retrie…
LastPass has disclosed a supply chain security incident involving its third-party vendor, Klue, that resulted in unauthorized access to customer data within its Salesforce environment. The company con…
A critical use-after-free (UAF) vulnerability in Samsung’s proprietary KNOX security subsystem, which has been hidden for over eight years, has been discovered by security research firm LucidBit, pote…
Cybercriminals launch fake GTA 6 pre-order sites offering early access for crypto payments
All US federal agencies will have to complete their post-quantum cryptography transition by 2031, according to a new Trump Executive Order
OpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flaws
JFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RAT
What began as a routine ransomware investigation uncovered two unrelated attackers operating inside the same victim network at the same time, each obscuring the other’s activity and complicating the r…
A Reddit comment that takes only a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of user-generated text, somet…
Dragos has announced the release of EmberAI, an OT-native AI built on the Dragos Intelligence Fabric. EmberAI gives every analyst immediate access to Dragos’s OT-specific intelligence, gained from mor…
N-able has announced the availability of Shadow AI Visibility across its Unified Endpoint Management (UEM) solutions, N‑central and N‑sight, and its Security Operations platform, Adlumin. The new capa…
A massive credential-harvesting campaign targeting FortiGate firewalls has exposed thousands of organizations to potential network compromise, and a trove of attacker tools, scripts, and credentials l…
26-year-old Abdellah Belmili faces up to 30 years in prison for allegedly operating the marketplaces Market0Day and Spoxy. The post Algerian Man Extradited to US for Running Cybercrime Marketplaces ap…
Carl Froggett combines CISO and CIO. He currently occupies both positions at Deep Instinct. Before then, he was CISO at Citi for almost 17 years. The post CISO Conversations: Carl Froggett – Combining…