Latest News

Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,

These 3 cybersecurity threats may not be the most sophisticated, but they're the most effective—and serious—threats for small businesses.

Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an "influence-as-a-service" operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating a

Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google's security team this week.

Threat actors are bypassing MFA with adversary-in-the-middle attacks via reverse proxies. Phishing-as-a-Service tools like Evilproxy make these threats harder to detect.

For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its place, a new reality took hold—one defined by alert fatigue and overwhelmed teams. According to OX

Russian companies have been targeted as part of a large-scale phishing campaign that's designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said. The activity is assessed to be the work of a

Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. "This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance," the company

For years, North Korea has been secretly placing young IT workers inside Western companies. With AI, their schemes are now more devious—and effective—than ever.

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.