A panel discussion at DEF CON 33 recently, titled “Adversaries at war: Tactics, technologies, and lessons from modern battlefields”, offered several thought-provoking points, as well as a clear takeaway: while digital tactics such as misinformation and influence campaigns are useful in modern conflict, they are not going to win a war. That is because when bombs start dropping and the physical elements of war are under way, the misinformation spreading through digital channels becomes less impor
All Articles (2760)
Sort by
Think your shiny new electric vehicle keeps your secrets safe? Think again. Researchers from Massachusetts Institute of Technology (MIT) recently proved that the innocent-looking battery gauge on your dashboard can betray your personal details to anyone tech-savvy enough to look. Simply put, the way your EV uses power isn't just about range anxiety, it's broadcasting your location and driving habits in surprising detail.
How Battery Power Patterns Betray Drivers - MIT researchers demonstrate
Remote Access Trojans, also known as RATs, have been around for years, although their prevalence in the market has surged recently. RATs are digital skeleton keys, giving an attacker remote control over a system, often without the user ever knowing. This kind of access often starts with someone clicking a malicious link or opening a rogue attachment in a phishing email or messaging app. From there, the attacker can move laterally, steal data, monitor activity, or trigger ransomware.
RATs have
A recent surge in fraudulent “AI-powered” trading platforms has been observed exploiting deepfake technology and fabricated online content to deceive investors. According to a new investigation by Group-IB, scammers are deploying convincing fake videos, phony reviews and targeted online ads to lure victims into fraudulent investment schemes. At the heart of these campaigns are AI-generated deepfake videos featuring public figures, such as Dutch politician Geert Wilders, endorsing fictional tra
The legal market segment has been a prime target for cybercriminals due to the highly sensitive and confidential data it holds. A recent report from the International Legal Technology Association (ILTA) and Fenix24, "Security at Issue: State of Cybersecurity in Law Firms," reveals a crucial shift in the threat landscape. The report, based on a survey of 60 law firms, indicates that while awareness and investment are rising, fundamental vulnerabilities persist, and human-operated attacks are no
There’s at least one expert who believes that “the singularity,” the moment when artificial intelligence surpasses the control of humans; could be just a few years away. That’s a lot shorter than current predictions regarding the timeline of AI dominance, especially considering that AI dominance is not exactly guaranteed in the first place.
Ben Goertzel, CEO of SingularityNET, who holds a Ph.D. from Temple University and has worked as a leader of Humanity+ and the Artificial General Intelligenc
The US Cybersecurity and Infrastructure Security Agency (CISA) on 13 August 2025 added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure their clients' Windows, Apple, and Linux endpoints from a single, unified platform.[1]
The vulnerabilit
This reads like a James Bond movie. Chinese scientists have been devising sophisticated ways to destroy Elon Musk’s Starlink satellite network, including using stealth submarines fitted with space-shooting lasers, amid Chinese government fears that the technology poses a risk to its strategic interests. As of 2025, China's military, specifically the People's Liberation Army Navy (PLAN), is estimated to operate between 65 and 75 submarines. This fleet includes both nuclear-powered and diesel-el
The North Korean state-backed hacker group tracked as ScarCruft recently took the unusual step of infecting targets with ransomware alongside other malicious files, researchers said. ScarCruft, primarily known for cyber-espionage campaigns against high-profile individuals and government entities, used “newly observed” ransomware as part of the operation, analysts at South Korean cybersecurity firm S2W said in a report this week.
The researchers labeled the ransomware VCD after the extension it
Experts have warned hackers recently used a generative AI tool to replicate several web pages belonging to the Brazilian government in an effort to steal sensitive personal information and money. The fake websites were examined by Zscaler ThreatLabz researchers, who discovered multiple indicators of the use of AI to generate code. The websites look almost identical to the official sites, with the hackers using SEO poisoning to make the websites appear higher in search results, and therefore se
In early July 2025, a new DarkCloud campaign was observed in the wild by Fortinet’s FortiGuard Labs team. It began with a phishing email containing an attached RAR archive. Fortinet subsequently investigated this campaign and conducted a step-by-step analysis. DarkCloud is a known stealthy Windows-based information-stealer malware that was first identified in 2022. It is designed to steal sensitive information from the victim’s computer, including saved login credentials, financial data, conta
A leading cybersecurity, privacy, and data protection firm, Vipre Security Group, has released its Q2 2025 Email Threat Landscape Report, highlighting a significant shift in cybercriminal tactics. The report, based on an analysis of global real-world data, uncovers a growing reliance on hyper-personalized, AI-driven phishing techniques that exploit human vulnerabilities rather than traditional technological tricks. This evolution in email-based threats is raising alarms for organizations world
The Fortinet/FortiMail Workspace Security team recently identified a targeted intrusion campaign impacting multiple Israeli organizations. The adversary leveraged compromised internal email infrastructure to distribute phishing messages across the regional business landscape. These emails initiated a multi-stage, PowerShell-based infection chain that culminated in the delivery of a remote access trojan (RAT), executed entirely through PowerShell.
Key characteristics include:
- Full PowerShell-b
US law enforcement agencies provided new details on an operation that dismantled critical infrastructure used by the BlackSuit ransomware gang after the organization’s leak site was replaced with a takedown banner nearly two weeks ago.
The group, which rebranded from its Royal name after a devastating 2023 attack that shut down the City of Dallas, successfully attacked more than 450 entities in the US. Since emerging in 2022, the gang secured more than $370 million in ransom payments, accordin
Vendor-related risks, from both tech providers and non-tech partners, have always been a concern, but they’re now becoming increasingly apparent in a growing number of cyber insurance claims. While data breaches were once the main concern, we are now seeing more severe first-party losses caused by ransomware attacks and major system outages. These issues are not always the result of a cyberattack, either. Sometimes they come from non-malicious errors, like critical system failures or software
Gen Z has often been hailed as the most tech-savvy generation in history. But new research from Kaspersky suggests that their hyper-connected, gig-driven lifestyle may also be making them one of the most vulnerable. In a recent report, Kaspersky warns that "polyworking," a growing trend among Gen Z workers juggling multiple part-time jobs, freelance gigs, or side hustles, is creating an unprecedented cybersecurity challenge. With a widened digital footprint, these digital natives are increasin
Security researchers this past week which detailed a series of vulnerabilities that could allow hackers to steal sensitive data from devices using Broadcom’s ControlVault, a special chip widely used in security-focused Dell laptops.
ControlVault is system-on-chip (SoC); effectively a tiny computer that is dedicated to security and isolated from the normally modifiable parts of the device. As its name suggests, it is intended to be a kind of vault for sensitive data; Dell describes it as “a secur
A job search platform exposed over 5 million resumes, putting millions of job seekers at risk of identity theft, targeted scams and fraud. The leak, discovered by cybersecurity researchers at Cybernews, comes from a misconfigured Microsoft Azure storage container that is accessible on the Internet. The unsecured cloud bucket contained more than 5.1 million files, predominantly resumes and CVs, dating from 2016 to 2025.[1]
The breach is linked to LiveCareer, a platform founded in 2004 that prov
The US can dreadfully report that they are #1 in malware activity. Canada is #2. Not to be outdone, the UK is now the third most targeted country in the world for malware after seeing over 100 million cyber-attacks over the past three months, this according to a new report. Research from cyber security firm NordVPN found that criminals are increasingly targeting everyday internet users through links in emails and texts, as well as through malicious websites and attachments.[1]
The UK now rank
A recent Varonis report exposes a rising threat: cyber criminals exploiting Microsoft OneNote to launch “native” phishing campaigns via Microsoft 365. OneNote is a well-established digital note-taking app that provides a single place for keeping users' reminders, research and project information. These attacks exploit trust in legitimate collaboration tools, combining social engineering and cloud infrastructure to bypass traditional defenses. This new attack vector uses shared OneNote notebook
