Cyber intel feed

The job applicants' personal information could be accessed by simply guessing a username and using the password “12345.”

The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third ag...

Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors are scrambling to integrate AI copilots and assistants into their SaaS applicat...

Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared with The Hacker News, said the malw...

Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks (TSA), manifest in the form of a speculative sid...

A high-severity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data ...

Read Full Article for Details

Read Full Article for Details

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

Read Full Article for Details

Read Full Article for Details

For browsers, exploitation is out — and getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they've accepted the challenge.

Read Full Article for Details

Read Full Article for Details

Read Full Article for Details

Read Full Article for Details

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that.

The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors. The activity is being tracked by...

No description available