In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. […]
APT Hackers Abuse ChatGPT to Develop Advanced Malware and Phishing Campaigns
Security researchers at Volexity have uncovered compelling evidence that China-aligned threat actors are leveraging artificial intelligence platforms like ChatGPT to enhance their sophisticated cyberattack capabilities. […]
Data-Leak Sites Surge to Record Levels Amid Scattered Spider RaaS and LockBit 5.0 Rise
Ransomware threats reached a tipping point in Q3 2025 as data-leak sites surged to a record 81 active platforms, driven by major developments across the […]
Discord Data Breach Exposes 1.5 TB of Data and 2 Million Government ID Photos
The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data […]
The ultimate business resiliency test: Inside Kantsu’s ransomware response
A year ago, midsize Japanese logistics company Kantsu suffered significant damage from a cyberattack in which ransomware locked its servers and cut off communications, bringing […]
CrowdStrike Falcon Windows Sensor Flaw Could Let Attackers Execute Code and Delete Files
CrowdStrike has disclosed two critical vulnerabilities affecting its Falcon sensor for Windows that could enable attackers to delete arbitrary files and potentially compromise system stability. […]
Chinese Hackers Weaponize Nezha Tool to Run Commands on Web Servers
Security researchers have uncovered a sophisticated cyberattack campaign where Chinese threat actors are exploiting web applications using an innovative log poisoning technique to deploy web […]
Passwortfreie Authentifizierung: So gelingt der Umstieg auf PKI
Die zertifikatsbasierte Authentifizierung mit PKI erfolgt via physischen Token statt Passwort. Momentum studio – shutterstock.com Die Bedrohungslage im Cyberraum verschärft sich stetig. Immer mehr Unternehmen […]
Unplug Gemini from email and calendars, says cybersecurity firm
CSOs should consider turning off Google Gemini access to employees’ Gmail and Google Calendars, because the chatbot is vulnerable to a form of prompt injection, […]
GitHub Copilot prompt injection flaw leaked sensitive data from private repos
In a new case that showcases how prompt injection can impact AI-assisted tools, researchers have found a way to trick the GitHub Copilot chatbot into […]