cyberdefense (3)

A new report from Google Threat Intelligence Group (GTIG) reveals a coordinated campaign exploiting an AI-generated zero-day vulnerability. The attack targets an unnamed open-source web administration tool, using the flaw to bypass two-factor authentication (2FA). The researchers say they identified an active threat actor utilizing large language models (LLMs) to actively discover and weaponize software vulnerabilities in the wild.

As the targeted flaw involves a high-level semantic logic bug

What is a “honeypot” in the context of cybersecurity? The term first appeared in the 1980s and 1990s, when it was used to describe precisely that, a honey trap that lured in unsuspecting hackers, putting them on the back foot. Clifford Stoll’s 1989 book The Cuckoo’s Egg is the first official documentation of a honeypot in the cyber world. Stoll tells the story of using what he called a “honeypot” to find a German hacker who had infiltrated U.S. military computers. Now the term is used in cybe

The cybersecurity community recently received an urgent signal from Darktrace's research team about a sophisticated intrusion campaign linked to Salt Typhoon, a persistent threat actor with ties to China. The core of this campaign: the exploitation of a critical vulnerability in the Citrix NetScaler Gateway (formerly Citrix ADC/Gateway). This is not just another vulnerability report; it is a live-fire case study highlighting the strategic importance of patching perimeter devices and the necess