The Artificial Intelligence (AI) data center insurance market is expanding rapidly due to the increasing adoption of AI technologies, rising cyber threats, and heightened demand for comprehensive risk management solutions. For decades, insurance has relied on historical averages and pooled risk. That model is breaking down; over the past several years, insured losses from natural catastrophes have exceeded US$100 billion each year. In Canada, they were the costliest ever. The country’s wildf
All Articles (3047)
Sort by
As AI adoption continues to grow, threat actors have wasted no time exploiting the trend. FortiGuard Labs recently observed a campaign delivering malicious files disguised as AI-related documents, with titles such as "AI-Ready PostgreSQL 18: Building Intelligent Data Systems" and " A Guide for Thinking Marketers in the Age of AI."
Affected Platforms: Microsoft Windows Impacted Users: Any organization Impact: Attackers gain control of the infected systems Severity Level: High |
These lures
The zLabs research team at mobile security firm Zimperium has identified a new Android banking trojan named Rokarolla. This highly invasive malware is named after its command-and-control infrastructure (the server network that threat actors use to send instructions to infected phones). According to zLabs researchers, this trojan is unusual in that it combines financial fraud with total device surveillance and can target 217 different cryptocurrency and banking programs.[1]
Attack chain explain
Last March 2026, FortiGuard Labs discovered a new Gafgyt botnet variant, C0XMO, that spreads by exploiting CVE-2021-27137. Our analysis revealed that, unlike earlier versions, this malware separates its lateral movement into a standalone Python script. This approach helps the attacker target various system architectures and device types more efficiently. Below is a detailed technical overview of its structure, propagation methods, and attack features.[1]
Link to full report: IR-26-165-001_X p
The Australian federal government has announced new regulations for telecommunications companies following a massive Optus data breach, which resulted in millions of customers' personal information being accessed. Under the new regulations, Communications Minister Michelle Rowland said information from affected companies could be shared with financial institutions when required to prevent or respond to cyber security incidents and must then be destroyed.[1]
Here's what we know so far, and what
Ubiquiti is a networking and infrastructure company, whose products have become popular with small to medium sized businesses like schools, retail organizations, or even tech enthusiasts.
Ubiquiti’s products are built around the idea of centralized management for things like networking and wireless infrastructure, surveillance, and physical security. The UniFi product line is representative of this goal and contains items like wireless access points, switches, security gateways, routers, survei
Starting 11 June, the FIFA World Cup 2026 will unite fans, teams, sponsors, broadcasters, hospitality providers, and businesses in one of the world’s largest sporting events. It also presents a significant opportunity for cybercriminals.
Major international sporting events create great anticipation, attract high search volume, evoke strong emotions, and drive large volumes of digital transactions. Fans are searching for tickets, travel offers, merchandise, live streams, betting sites, job open
Law Enforcement in Philadelphia, PA are looking for the person who they said took thousands of bottles of bourbon from a warehouse in what was called a “coordinated cargo theft operation carried out in broad daylight.”
Police said a driver of a tractor-trailer drove up to the warehouse, showed identification, and loaded 18 pallets of Noble Oak bourbon before driving off, The New York Times reported.[1]
Noble Oak Double Oak Bourbon is a 90-proof bourbon finished with sherry oak, giving it a golde
Cybersecurity researchers at Palo Alto Networks’ research division, Unit 42, have reported a large-scale malvertising scam running since late 2025. In this scam, called Operation FlutterBridge, cybercriminals are using fake Google search ads to lure Mac owners into downloading malware. According to Unit 42’s investigation, hackers first set up fake companies to buy verified Google ads and use them to evade safety checks. When users search for tools, these ads pop up and download apps that look
The US Federal Bureau of Investigation (FBI) has issued a public service announcement warning organizations and individuals about Kali365, a Phishing-as-a-Service (PhaaS) platform first observed in April 2026. The service is distributed primarily through Telegram and enables even less-technical attackers to hijack Microsoft 365 accounts by stealing OAuth access and refresh tokens, bypassing the need for passwords or multi-factor authentication (MFA). This gives almost anyone the means to carry
Telecom Italia warned ransomware attacks surged in 2025 as cybercriminals used AI and automation to scale campaigns, cautioning that rapidly evolving technology and geopolitical tensions are reshaping digital risk. In the second edition of its Cyber Security Report produced alongside Italy-based non-profit Cyber Security Foundation, TIM said ransomware claims topped 7,400 globally in 2025, up 42% compared to 2024.[1]
The report pointed to malware campaigns affecting entities in around 200 count
A China-linked cybercrime syndicate tracked as TA4922 is actively expanding its phishing campaigns to target organizations across multiple regions. New research finds that the financially-motivated group, historically focused on East Asian networks, has now hit entities in Germany, Italy, South Africa, and the UK.
TA4922 is known to share overlapping tradecraft with the Silver Fox espionage group but primarily pursues financial objectives, including massive data theft, corporate fraud, and persi
For years, cybersecurity professionals have treated vulnerability management as an insular IT operational metric, measured by patch cycles, ticket queues, and scan counts. But a new, data-driven report from Moody's Ratings elevates software vulnerabilities to where they ultimately belong: a material factor in enterprise creditworthiness and organizational resilience.[1]
The report, titled "Risks posed by unpatched software flaws vary by industry and region," analyzes two years of telemetry acro
Using FreeWave Zentry Solution and REDXRAY together can help organizations significantly strengthen cyber resilience by improving visibility, reducing operational risk, and accelerating response to emerging threats.
FreeWave Zentry is an engineered, prevention-first Zero Trust network overlay purpose-built for critical infrastructure and OT/IIoT environments that makes assets functionally invisible to unauthorized users and automated threats through a resilient cryptographic fabric, while REDXRA
The researchers developed the AllFaith Benchmark, one of the first multi-faith test sets that examines how AI systems engage with a range of religions. They tested 14 different AI models, including flagship models from Anthropic, Google, xAI, and OpenAI.
The results are telling. A survey of 1,125 Americans found that most people expect religious perspectives when asking ethics questions, but nearly every model failed to include any. More surprisingly, the models showed clear conversion bias, su
In the corporate world, substantial budgets, resources, and technical ingenuity are routinely dedicated to securing networks, hardening firewalls, fine-tuning endpoint detection, and monitoring cloud configurations. A new report from ScamZero forces a look at an equally devastating and rapidly evolving theater of conflict: the consumer and workforce fraud ecosystem.
The 2025-2026 Scam Report from ScamZero highlights a massive, sophisticated market that has evolved into a fully professionalized
Researchers at Barracuda have identified CypherLoc, a clever web-based scam that locks internet browsers and then tricks people into calling fraudulent technical support lines. Since the beginning of 2026 the kit has been used in around 2.8 million attacks worldwide. The deception represents a new evolution in so-called scareware, moving away from installing obvious harmful software and instead operating entirely inside the victim's web browser. It relies on fear and confusion rather than tra
For years, the United States federal government's Known Exploited Vulnerabilities (KEV) Catalog has served as an essential operational anchor for vulnerability management. Despite its authority, the cybersecurity community has wrestled with a frustrating structural bottleneck: the catalog has traditionally operated as a trailing indicator. US, DHS CISA had to privately validate in-the-wild exploitation before publishing, occasionally warning network defenders’ days or weeks after threat actors
Hackers are increasingly exploiting trusted artificial intelligence (AI) platforms like ChatGPT and Claude to turn them against their own users. Recently, Hackread.com reported a flaw called ClaudeBleed, discovered by LayerX, which allowed unauthorized browser extensions to hijack Anthropic Claude’s interface. Now, hackers are reportedly abusing official features of these AI tools to spread malware while easily evading web filters and security checks.[1]
The Fake Outage Trick - These observati
Analysts at SophosLabs, the threat research unit of the leading cybersecurity firm, Sophos, have investigated a series of ransomware attacks attributed to the threat group behind malware they have named WantToCry, not to be confused with the notorious and persistent Wannacry malware, which first emerged in 2017. This new operation relies on abusing the Server Message Block protocol for initial network access rather than deploying traditional malware on victim systems.
Attackers first conduct r
