Security
Sharepoint under attack: Microsoft rocked by "high-severity, high-urgency" Toolshell zero-day
"You should assume that you have been compromised at this point. Patching alone is insufficient to fully evict the threat."
Security
Hacktivism
Europol leads global takedown of pro-Russian hacktivist group NoName057(16)
Cops smash Moscow-linked group blamed for a number of DDoS attacks and believed to wield a huge botnet.
Opinion
Cascading risk: Protecting against supply chain attacks in a hostile threat landscape
"The assumption that cyberattacks affect single organisations no longer holds. Today, one point of failure can escalate into a cross-sector crisis."
Security
"An AI obedience problem": World's first LLM Scope Violation attack tricks Microsoft Copilot into handing over data
Zero-click bug requires "no specific user interaction and results in concrete cybersecurity damage", researchers allege.
Security
Marco Rubio was AI cloned: How can you avoid the same fate and stay safe from voice spoofing?
Imposter used AI to imitate the voice of the United States Secretary of State, highlighting a growing risk all organisations need to be aware of.
Security
Four people arrested over M&S, Co-op and Harrods cyberattacks
National Crime Agency seizes three male suspects as well as a 20-year-old woman during operations in London and the West Midlands.
Security
Scattered Spider's latest victim? Qantas confirms encounter with mysterious "cyber criminal"
Airline contacted by shadowy threat actor following incident feared to have exposed millions of people's data.
Cybercrime
Search engine criminalisation: SEO poisoning campaign exposed
Scammers are buying up dodgy websites on underground marketplaces to manipulate search rankings and lure victims onto malicious pages.
Cybersecurity
Scattered Spider spins its web beyond retail, sinks fangs into insurance
"The industry should be on high alert, especially for social engineering schemes which target their help desks and call centres."
Security
Glazenost: Krispy Kreme opens up to reveal the unsugared truth about a major cyberattack
Doughnut giant admits that more than 160,000 customers were affected by a security incident in November 2024.
Dark Web
"Security teams don’t need more noise": Microsoft Copilot now surfaces dark web threat intelligence
Bitsight teams up with Microsoft to monitor threats emerging from the dankest corners of the hidden web.
Defence
Battlefield vibe coding and the open source future of drone warfare
After Ukraine used Ardupilot-powered drones to blow up Russian nuclear bombers, what's next for open source combat?