All Articles (3023)

Consider the history of any recent corporate scandal, and it is quite possible to guess what the story began with: a poorly secured file.  No complex hacker intrusion, no state-sponsored attacks, just a document that had been sent to the wrong address, left in an unprotected storage space or forwarded to a person who could hardly be trusted with confidential information.

As for modern businesses, they almost certainly store some sort of confidential data and exchange it in a manner that is far f

Artificial intelligence has become integral to contemporary cyber-attack planning and execution.  Recent research demonstrates how embedded AI systems now operate across organized cybercrime activities, fundamentally altering attack methodologies through increased speed and targeting precision.  Europol's 2026 threat assessment identifies the integration of automation and AI as a defining characteristic of modern cybercrime. Industry reporting indicates that AI vulnerabilities and AI-enabled fra

Researchers at ESET have published a detailed analysis of Webworm's 2025 operations, a China-aligned Advanced Persistent Threat (APT) group previously focused on organizations in Asia.  The group has now expanded its activities to Europe, targeting government bodies in Belgium, Italy, Poland, Serbia, and Spain, while also partnering with a university in South Africa.[1]

The Webworm threat group has links to other China-aligned actors, including SixLittleMonkeys and FishMonger. In earlier campaig

Twenty minutes into drafting an article, I stopped.  The voice was mine.  The rhythm was mine.  The vocabulary was mine. But the argument had moved somewhere I had not chosen to take it.  I had opened the session with a clear thesis.  The AI LLM assistant did not disagree with me.  It had simply kept offering better-sounding alternatives. And I had kept accepting them.  By the time I noticed, I could not easily identify where my thinking ended and the model’s thinking began.

Most people still im

Picture a locked box that anyone can see, but only you can open with a special key you keep hidden.  That simple idea powers the security of nearly every cryptocurrency wallet, bank transfer, and secure online login today.  A new 110-page analysis from Project Eleven warns that this everyday protection could crumble within four to seven years under the weight of an entirely different kind of machine: the quantum computer.  The report, titled The Quantum Threat to Blockchains - 2026 Report, maps

For years, science fiction has warned humanity about artificial intelligence going off the rails.  Killer computers, manipulative chatbots, and superintelligent systems deciding people are the problem... all these themes have become so familiar that “evil AI” is practically its own entertainment genre.  Now, Anthropic is floating an idea that sounds almost like the plot of a science fiction novel itself: what if all those stories helped teach modern AI systems how to behave badly in the first pl

Finding software vulnerabilities used to require teams of security researchers months of painstaking analysis.  Anthropic’s Claude Mythos does it automatically, and that’s exactly the problem.  The company admits no one, including itself, has built safeguards strong enough to prevent such models from being weaponized.  Yet Anthropic simultaneously promises to make “Mythos-class models” publicly available once it develops “far stronger safeguards.”[1]

When AI Outpaces Human Security Teams - Mythos

In the cybersecurity world, we often assume that small and medium-sized businesses (SMBs) are the lagging indicators of digital maturity.  But new research from Tech.co and Expert Market suggests that SMB leaders are becoming surprisingly surgical in their tech adoption.  The data reveal a major pivot in 2026: while many organizations are pulling back AI for general business tasks, automated cybersecurity remains a non-negotiable priority.  As inflation pressures and tech regret drive a more sel

Infostealers targeting macOS have continued to proliferate over the last two years, with threat actors iterating on successful techniques across related malware families. Researchers at Moonlock, Jamf, and Malwarebytes have previously documented the rise of SHub Stealer, including its use of fake application installers and “ClickFix” social engineering.  SentinelOne recently observed a new SHub variant using the build tag “Reaper.”  Below is their great analysis.

Reaper uses fake WeChat and Miro

Two Microsoft zero-days affecting its Defender antimalware suite are being actively exploited to trigger denial-of-service (DoS) states on unpatched Windows devices. The first flaw, tracked as CVE-2026-41091 (CVSS: 7.8), is a privilege escalation vulnerability impacting the Microsoft Malware Protection Engine versions 1.1.26030.3008 and earlier. This engine provides scanning, detection, and cleaning functions for Microsoft’s native security software.  The vulnerability arises from an improper li

FortiGuard Labs recently identified persistent P2Pinfect presences within Google Kubernetes Engine (GKE) clusters at several client companies, with one compromise spanning six months.  The compromises originated from exposed Redis instances, which allowed the botnet to gain an initial foothold.  The botnet's beaconing was repeatedly flagged in FortiCNAPP's Composite Alerts, underscoring how a single misconfiguration can enable long-term compromise in cloud environments.  The IOCs observed across

New research from Barracuda Networks has identified a surge in attacks by Saiga 2FA, a small-scale but sophisticated phishing kit.  Activity increased significantly in February 2026, following earlier sightings targeting legal organizations in Australia in 2025.  The kit operates as a boutique service rather than a high-volume automated platform, focusing on highly targeted campaigns against enterprise email users.   Saiga 2FA serves as an Adversary-in-the-Middle tool that bypasses multifactor a

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and many internal CISA systems.  Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.

On 15 May, KrebsOnSecurity heard from Gui

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code.  That reality is on full display this month, with some of the more widely used software makers, including Apple, Google, Microsoft, Mozilla, and Oracle, fixing near-record volumes of security bugs and/or quickening the tempo of their patch releases.[1]

As it does on the second Tuesday of every mon

These attacks are abusing trusted remote access tools to bypass detection, exposing a growing security gap for enterprises.  A fake Word Online phishing page has exposed a growing enterprise blind spot: attackers using trusted tools to gain remote access without raising immediate alarms.

The attack chain observed by ANY.RUN moved from an Outlook email to an MSI installer, silent execution, ScreenConnect remote access, and HideUL-based concealment.  For CISOs, this is a warning that phishing in

With record reports of bear attacks on humans, Japan has been increasingly turning to high-tech solutions, as you might expect.  However, reports suggest that Ohta Seiki, a firm making the animatronic robot Monster Wolf to repel bears from human-habituated areas, can’t keep up with demand.  “We cannot make them fast enough,” company president Yuji Ohta told AFP.   This year’s order book for Monster Wolf has already hit 50 units.  Hokkaido-based Ohta Seiki usually doesn’t even manufacture that ma

A new report from Google Threat Intelligence Group (GTIG) reveals a coordinated campaign exploiting an AI-generated zero-day vulnerability.  The attack targets an unnamed open-source web administration tool, using the flaw to bypass two-factor authentication (2FA).  The researchers say they identified an active threat actor utilizing large language models (LLMs) to actively discover and weaponize software vulnerabilities in the wild.

As the targeted flaw involves a high-level semantic logic bug

Europe is pouring more than €2 billion into sovereign cloud initiatives designed to reduce exposure to US legal reach.  The EU's IPCEI-CIS program funds infrastructure development.  France qualifies operators under SecNumCloud, a framework with nearly 1,200 technical requirements promising "immunity from extraterritorial laws."

But most datacenters and qualified cloud operators still rely heavily on Intel or AMD processors.  And inside those processors sits a computer beneath the computer: manag

The FBI have remotely reset thousands of home and small office routers after releasing a joint press release detailing how Russia has been compromising devices.

Some brands of routers are known for lasting upwards of a decade, and while that's great for the consumer, the developers will often stop releasing updates to keep the router secure.  This leaves them open to compromise by attackers, specifically Russia’s Main Directorate of the General Staff (GRU), tracked as APT28 or Fancy Bear, which

The Port of Long Beach has opened a new Cyber Defense Operations Center (CDOC) dedicated to protecting the seaport from cyberattacks, utilizing monitoring and threat analysis to secure the digital infrastructure of one of the busiest maritime gateways in the United States.

The Port of Long Beach in California says that it currently stops an attempted cyberattack approximately every three seconds, highlighting the constant threat to the $300 billion in trade handled annually by the complex.  The