Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. “The scale of Prince of Persia’s activity is more significant than we originally anticipated,”

U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware

The U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in connection with a multi-million dollar ATM jackpotting scheme. The large-scale conspiracy involved deploying malware named Ploutus to hack into automated teller machines (ATMs) across the U.S. and force them to dispense cash. The indicted members

Friday Squid Blogging: Petting a Squid

Video from Reddit shows what could go wrong when you try to pet a—looks like a Humboldt—squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks has been attributed to a suspected Russia-aligned group. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a new version of a modular and stealthy loader known as CountLoader. The campaign “uses CountLoader as the initial tool in a multistage attack for access, evasion, and delivery

Copyright © 2026 infosecintel.net