Quorum Cyber has published its 2026 Global Cyber Risk Outlook report[1], detailing a significant evolution in cyber threats driven by Artificial Intelligence (AI) and Ransomware-as-a-Service (RaaS) platforms. The analysis, based on incidents across more than 350 organizations worldwide in 2025, indicates that cybercrime has entered a more industrialized phase. This development allows even poorly skilled attackers to launch sophisticated operations, with nation-state actors automating up to 90%
All Articles (2877)
Sort by
Details are emerging of how the US military employed cyber capabilities to disrupt Iranian air missile defense systems during Operation Midnight Hammer, a coordinated effort to target Iran's nuclear program. The operation focused on nuclear sites at Fordow, Natanz, and Esfahan. This disruption assisted in preventing Iran from launching surface-to-air missiles against US warplanes that entered Iranian airspace, according to US officials. The strikes occurred on 21 June 2025, involving seven B-2
How smart is today’s artificial intelligence, really? Not in marketing terms, not in sci fi language, but in the sober light of difficult questions like… How many tendons attach to a tiny bone in a hummingbird’s tail? Which syllables in a Biblical Hebrew verse are “closed” according to the latest specialist scholarship? Those are not trivia questions; they are examples from “Humanity’s Last Exam,” a new benchmark that is reshaping how we think about AI progress.[1]
The benchmark comes from a
State-backed hackers and cybercriminals are increasingly exploiting Google’s Gemini AI to streamline their attacks from initial reconnaissance to post-compromise operations. According to new research, actors linked to China, Iran, North Korea, and Russia used the model for target profiling, phishing lure generation, translation, coding, vulnerability testing, command-and-control development, and data exfiltration.
Some operatives even posed as cybersecurity experts to trick the AI tool into prod
Recently observed a phishing campaign in the wild that delivers a new variant of XWorm.
XWorm is a multi-functional Remote Access Trojan (RAT) first identified in 2022 that remains actively distributed, including through Telegram-based marketplaces. Once deployed, it provides attackers with full remote control of compromised Windows systems. This campaign relies on multiple phishing emails that employ social engineering to trick recipients into opening a malicious attachment. The following an
Even though Valentine’s Day is over, the romance scam schemes still persist. While you might be out there searching for your Valentine, scammers were out there looking for victims. The FBI is reporting record-high numbers of what they are calling "romance scams," people online pretending to be a potential love interest in an attempt to steal your money.
The FBI is urging people to think twice about who they might be engaging. "This is a whiteboard that was found in the scam compound in Cambod
A federal jury in San Francisco has convicted a former Google software engineer of economic espionage and theft of trade secrets, marking one of the most significant US prosecutions to date involving the theft of advanced artificial intelligence technology. According to the US Department of Justice (DOJ), Linwei Ding, also known as Leon Ding, was found guilty on 14 federal counts, including seven counts of economic espionage and seven counts of theft of trade secrets, following an 11-day trial
Recently, the Federal Bureau of Investigation (FBI) released Operation Winter Shield. This document outlines critical actions organizations can take to enhance resilience against cyber intrusions, based on FBI recommendations.
Phish-Resistant Authentication:
- Implement phish-resistant methods like FIDO2 security keys for high-impact accounts and critical systems.
- Require number-matching and domain display for authenticator apps, avoiding push-only approvals.
- Eliminate SMS-based multi-factor au
In a recent law enforcement operation, the Federal Bureau of Investigation (FBI) dismantled the notorious cyber-criminal forum known as the Russian Anonymous Marketplace (RAMP), a platform favored by ransomware actors and initial access brokers. This takedown represents a significant disruption in the cybercrime landscape, particularly for Russian-speaking cybercriminals. The news of RAMP's disarray emerged in late January 2026, when several cyber threat intelligence (CTI) analysts observed tha
Researchers at Varonis Threat Labs have disclosed a proof-of-concept attack technique that enables the silent exfiltration of outgoing emails from Microsoft 365 accounts using legitimate Outlook add-ins. Named Exfil Out&Look, the method exploits Outlook Web Access (OWA) to intercept and transmit email content without generating forensic traces in audit logs. The technique involves creating a custom Outlook add-in with standard web technologies, including a manifest file that specifies minimal
Microsoft is warning that the June expiration of software certificates will put those still using Windows 10 in an even more vulnerable state. The software certificates deal with a feature called Secure Boot, which can prevent a PC from loading malicious code as the machine starts up. Microsoft initially introduced the feature in 2011 with Windows 8 to ensure only trusted software runs during the boot process, warding off potential "pre-boot malware" threats.[1]
The problem is that “all Window
It's happening: AI bots are starting to organize in their own digital societies. The kicker? The humans are setting up institutions for them. Are we digging our own graves? For now, there's some reason to believe what's going on is more hype than substance. But while it's the first time we have seen some things, they're a continuation of the agentic AI theme that's been building for about a year. It wouldn't be surprising if more is on the way.
Even OpenAI CEO Sam Altman is on edge this we
Ollama is an open-source framework that enables users to run large language models locally on their own hardware. By design, the service binds to localhost (127.0.0.1) on port 11434, making instances accessible only from the host machine. However, exposing Ollama to the public internet requires only a single configuration change: setting the service to bind to 0.0.0.0 or a public interface. At scale, these individual deployment decisions aggregate into a measurable public surface.[1]
Over the p
A new report from Cyfirma has identified a sophisticated Android application, "Hicas," which, while masquerading as a "Smart Travel Packing Companion" on the Google Play Store, covertly functions as a fraudulent loan platform. The app, which has amassed over 500,000 downloads, specifically targets users in India, raising significant concerns about financial crime and data privacy. Initially appearing as a legitimate utility designed to assist travelers with packing, Hicas presented itself inno
An Anthropic staffer who led a team researching AI safety departed the company on 9 February, darkly warning both of a world “in peril” and the difficulty in being able to let “our values govern our actions” without any elaboration in a public resignation letter that also suggested the company had set its values aside.
Anthropic safety researcher Mrinank Sharma's resignation letter garnered 1 million views by the 9th.
Mrinank Sharma, who had led Anthropic’s safeguards research team since its la
The Center for Strategic and International Studies (CSIS) has provided a research paper on maritime cyber security. Maritime ports underpin the global economy, handling over 80% of trade by volume. In recent decades, ports have increasingly digitized, integrating automated terminals, networked operational technology (OT), and data-driven management systems. While digitization increases port productivity, it also introduces acute cyber vulnerabilities. Absent significant cybersecurity improve
Social media has overtaken email as the primary channel for online scams in the UK, accounting for 34% of reported incidents according to recent research. This shift highlights growing concerns over fraudulent content on platforms such as Facebook and Instagram, particularly in finance-related advertising. A new analysis by BrokerChooser examined over 1,200 active finance-related ads in the Meta Ads Library to assess exposure to high-risk promotions across multiple countries. The study classi
A surge in ShinyHunters SaaS data theft incidents has been linked to highly targeted voice phishing (vishing) campaigns that combine live phone calls with convincing, company-branded phishing sites.
In these attacks, threat actors impersonate corporate IT or helpdesk staff and contact employees directly, claiming MFA settings need urgent updates. Victims are then guided to fake SSO portals designed to capture credentials and MFA codes.
According to reports released this week from Okta and Mandia
A new security feature rolled out to select models of the latest iPhones and iPads will make it more difficult for law enforcement, spies, and malicious hackers to obtain a person’s precise location data from their phone provider. According to Apple, the new feature, when enabled, limits the precision of location data that iPhones and cellular-enabled iPads share with the customer’s cell carrier. Sharing a less precise location, such as the general neighborhood rather than a street address, wi
Red Sky Alliance recently heard a Podcast presented by the Torch, which highlighted US law enforcement sources explaining the hazards of the gaming platform RoBlox. This is a popular game frequented by children of various ages. Questions arise asking: Is your kid begging for a Roblox account or more screen time to play it? Have you noticed your child chatting online while playing Roblox? If these issues have cropped up in your household, you may wonder whether Roblox is safe for kids.[1]
Rob
