A new version of the Shai-Hulud credentials-stealing self-propagating worm is expanding through the open npm registry, a threat that developers who download packages from the […]
ShadowRay 2.0 Turns AI Clusters into Crypto Botnets
A threat actor is leveraging a flaw in the Ray framework to hijack AI infrastructure worldwide and distribute a self-propagating cryptomining and data theft botnet. […]
Infamous Shai-hulud Worm Resurfaces From the Depths
This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said. ​The original […]
Critical Flaw in Oracle Identity Manager Under Exploitation
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers. […]
Vision Language Models Keep an Eye on Physical Security
Advancements in vision language models expanded models reasoning capabilities to help protect employee safety. ​The original article found on darkreading Read More
Is Your Android TV Streaming Box Part of a Botnet?
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access […]
Podcast Empowers Professionals to Thrive in Their Cybersecurity Careers
Amelia Hewitt, Co-Founder (Director of Cyber Consulting) at Principle Defence and Founder of CybAid, and Rebecca Taylor, Threat Intelligence Knowledge Manager and Researcher at Sophos, […]
2026 CSO Hall of Fame call for nominations
Hall of Fame award nominations are officially open, and we’re calling on you, your peers, teams and clients to recognize the individuals and organizations driving […]
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud […]
What keeps CISOs awake at night — and why Zurich might hold the cure
Sleepless nights in cybersecurity When I attended the Global Cyber Conference 2025 in Zurich last week, I expected world-class keynotes and sharp panel debates. What […]