New attack turned Microsoft 365 Copilot into 1-click data theft tool
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a t…
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a t…
The ShinyHunters extortion gang stole personal information from more than 137,000 school staff accounts in a Salesforce data theft attack t…
Modern phishing, BEC, and account takeover attacks increasingly bypass traditional email defenses and create operational strain for securit…
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operatio…
A former IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the …
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility …
The US government has ordered Anthropic to block all foreign nationals from accessing Fable 5 and Mythos 5, forcing the company to suspend …
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, …
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, includin…
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti rans…
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and…
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground …
Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standal…
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talen…
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a …
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Irania…
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used b…
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsO…