infosec (26)

The slow-motion Russian invasion of Ukraine has highlighted persistent vulnerabilities in Western military readiness, specifically concerning munitions stockpiles, supply chain resilience, and procurement agility.  As the conflict continues, nations are adjusting their force posture and defense planning.  These changes aim not only to support Ukraine but also to prepare for the realities of prolonged, multi-domain warfare.

While quantum computing and automation are shaping the following stages o

The Hoxhunt 2025 Cyber Threat Intelligence Report delivers a sobering message for security professionals: the most dangerous threats are no longer the most obvious ones.  As 2026 approaches, enterprises are no longer fighting clumsy, error-riddled bulk spam; they are facing a quiet revolution where sophisticated, convincing attacks blend seamlessly into daily workflows, fueled by AI and advanced token-theft toolkits.

See:  https://hoxhunt.com/guide/threat-intelligence-report

The report, based on

What is a “honeypot” in the context of cybersecurity?  The term first appeared in the 1980s and 1990s, when it was used to describe precisely that, a honey trap that lured in unsuspecting hackers, putting them on the back foot.  Clifford Stoll’s 1989 book The Cuckoo’s Egg is the first official documentation of a honeypot in the cyber world. Stoll tells the story of using what he called a “honeypot” to find a German hacker who had infiltrated U.S. military computers.  Now the term is used in cybe

New AI-powered web browsers, such as OpenAI’s ChatGPT Atlas and Perplexity’s Comet, are attempting to unseat Google Chrome as the primary gateway to the Internet for billions of users.  A key selling point of these products is their web browsing AI agents, which promise to complete tasks on a user’s behalf by navigating websites and filling out forms.  However, consumers may not be aware of the significant risks to user privacy associated with agentic browsing, a problem that the entire tech ind

For decades, online security has relied on cryptographic systems that are robust against classical computers.  But quantum computing changes the game.  It threatens to undermine the mathematical foundations of widely used encryption methods, exposing sensitive data captured today to future decryption and exploitation.  This looming threat has catalyzed a global effort to build quantum-safe cryptography, and a recent survey by Chhetri et al. offers a sweeping and useful view of how post-quantum c

A transnational operation involving 14 African countries has dismantled a large-scale digital scamming network, resulting in 260 arrests and the seizure of 1,235 electronic devices.  The Interpol-led effort, named Operation Contender 3.0, marks the third wave of arrests against fraudsters and romance scammers in Africa following operations in 2021 and 2024.  This third crackdown was conducted between July 28 and August 11, 2025.  It focused on romance scams, where perpetrators build online relat

Attacker Breakout Time refers to the time it takes for an intruder to begin moving laterally outside of the initial beachhead to other systems in the network.  Threat actors are accelerating their attacks and adopting innovative new ways to circumvent endpoint detection mechanisms, according to a new report from ReliaQuest.  The threat intelligence vendor claimed in its latest Threat Spotlight report for the period June–August 2025 that the average breakout time dropped to only 18 minutes.  One

A suspected cyber-attack targeting a third-party software supplier has caused major flight cancellations and delays at several European airports over the weekend.  London’s Heathrow Airport and terminals in Brussels, Berlin, and Dublin are among those that continue to be impacted by the incident.  A US aerospace and defense leader, RTX, told the BBC that its Muse software was targeted by threat actors.  The software helps airlines to digitally check in passengers, validate boarding passes, and t

The US Secret Service on 23 September reported it has foiled what appears to be a sophisticated plot for cyber-espionage and disruption of mobile networks in New York at a time when more than 100 heads of state and governments and foreign ministers are in the city for the UN General Assembly’s leaders’ session.

In a statement, the Secret Service said that the agency recovered more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites in the New York tristate area.  The agency s

Ransomware attacks may have decreased recently, but that does not mean the risk has gone.  It remains one of the most disruptive cyber threats facing organizations.  Headlines sometimes create a false sense of relief.  Ransomware attacks are down by 15%, according to Verizon's latest DBIR report, but those of us working in cybersecurity know this doesn’t give the whole picture.  The most important issue isn’t how often an attack occurs; it is what happens to the organization when it does.

The f

US lawmakers have accused the Chinese government of being behind a cyber espionage campaign that impersonated a prominent Congressman.  The House Select Committee on Strategic Competition between the US and the Chinese Communist Party (CCP) said that CCP-affiliated actors impersonated its Chairman, Representative John Moolenaar (R-MI), in emails to “trusted counterparts” to try to trick them into opening malicious files and links.[1]

These files and links were designed to grant attackers access to vict

A new sneaky type of malware, known as Raven Stealer, has been identified by the Lat61 Threat Intelligence Team at Point Wild.  The research team, led by Onkar R. Sonawane, has found that this seemingly simple program is surprisingly adept at remaining undetected while stealing your personal information.  The research, shared with Hackread.com, reveals that the malware is primarily spread through underground forums and often bundled with pirated software.

Built using the programming languages De

In a recent warning to global organizations, cybersecurity firm Netscout has unveiled its latest DDoS Threat Intelligence Report for the first half of 2025, highlighting an unrelenting barrage of Distributed Denial-of-Service (DDoS) attacks that are increasingly sophisticated, geopolitically motivated, and amplified by artificial intelligence.  Netscout's report, titled "Digital Aftershocks: Collateral Damage from DDoS Attacks," documents over 8 million attacks worldwide, with more than 3.2 mill

A joint study by Cybersecurity at MIT Sloan (CAMS) and Safe Security has examined 2,800 ransomware incidents and found that a staggering 80.83%, or more than 2,272 attacks, were driven by artificial intelligence. This statistic is not theoretical; it's based on comprehensive, real-world data collected during 2023–2024.

The Rethinking the Cybersecurity Arms Race working paper paints a vivid picture of how AI is transforming attack methods. Adversaries are no longer relying on manual orchestration

Hackers, criminals, and spies are rapidly adopting Artificial Intelligence (AI), and considerable evidence is emerging of a substantial acceleration in AI-enabled crime.  This includes evidence of the use of AI tools for financial crime, phishing, distributed denial of service (DDoS), child sexual abuse material (CSAM), and romance scams.  In all these areas, criminal use of AI is already augmenting revenue generation and exacerbating financial and personal harms.  Scammers and social engineers,

Cybersecurity researcher Jeremiah Fowler identified two unprotected, misconfigured databases containing nearly one million records linked to Ohio Medical Alliance LLC, a company better known under its brand name Ohio Marijuana Card.  Fowler, who reported the exposure to Website Planet, found that the databases were left open without encryption or password protection, allowing anyone with an internet connection to access names, Social Security numbers (SSN), dates of birth, home addresses, and hi

Why hack when hackers are willing to sell guaranteed access to breached networks?  Increasingly, cybercrooks agree they would rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market.  Remote access to a victim's network now retails for an average price of $2,700, although about 40% of what's being sold goes for much less, $500 to $1,000, according to a report from cybersecurity firm Rapid7.  Research is based on listings posted over

Homeland Security Investigations (HSI), in partnership with US and international law enforcement agencies, has dismantled the infrastructure behind BlackSuit ransomware, a major cybercriminal group and successor to Royal ransomware, in a coordinated global operation.  The action targeted the backbone of the group's operations, including servers, domains, and digital assets used to deploy ransomware, extort victims, and launder proceeds.  According to US Immigration and Customs Enforcement (ICE),

Google has announced a significant data breach that has hit its corporate Salesforce database, and Google sent email notifications to the affected users on 08 August 2025.  Earlier, Google had said that one of its corporate Salesforce instances was compromised in June 2025 by the notorious cybercriminal group known as ShinyHunters, officially tracked as UNC6040 by the Google Threat Intelligence Group.  “We believe threat actors using the 'ShinyHunters' brand may be preparing to escalate their ex

Remote Access Trojans, also known as RATs, have been around for years, although their prevalence in the market has surged recently.  RATs are digital skeleton keys, giving an attacker remote control over a system, often without the user ever knowing.  This kind of access often starts with someone clicking a malicious link or opening a rogue attachment in a phishing email or messaging app.  From there, the attacker can move laterally, steal data, monitor activity, or trigger ransomware.

RATs have