Latest News

A brand-new cyberattack vector allows threat actors to use a poisoned browser extension to inject malicious prompts into all of the top generative AI tools on the market, including ChatGPT, Gemini, and others.

Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber contracting ecosystem and its offensive capabilities. The patents cover forensics and intrusion tools that enable encrypted endpoint data collection, Apple device forensics, and remote access to

Akamai's latest Ransomware Report 2025 reveals "quadruple extortion," new AI-driven tactics by groups like Black Basta, FunkSec, and TrickBot, and growing threats to non-profits. Learn about evolving cyber threats.

In this article, we will provide a brief overview of Pillar Security's platform to better understand how they are tackling AI security challenges. Pillar Security is building a platform to cover the entire software development and deployment lifecycle with the goal of providing trust in AI systems. Using its holistic approach, the platform introduces new ways of detecting AI threats, beginning

Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google said was exploited as a zero-day in the Chrome web browser earlier this month. The vulnerability, tracked as CVE-2025-6558 (CVSS score: 8.8), is an incorrect validation of untrusted input in the browser's ANGLE and GPU components that could result in a sandbox escape via

Cisco Talos is back at Black Hat with new research, threat detection overviews and opportunities to connect with our team. Whether you're interested in what we’re seeing in the threat landscape, detection engineering or real-world incident response, here's where and how to find us.

Menlo Park, United States, 30th July 2025, CyberNewsWire

Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a device so as to prevent threat actors from using stolen cookies to sign-in to victims' accounts and gain

The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.

Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. "Over the course of three days, a threat actor gained access to the customer's network, attempted to download several suspicious files and communicated with malicious infrastructure linked to Auto-Color