A phone phishing attack led to the compromise of a system containing information about alumni, donors, students, staff, and other individuals. The post Alumni, Student, and Staff Information Stolen From Harvard University appeared first on SecurityWeek.
Five flaws in the open source tool may lead to path traversal attacks, remote code execution, denial-of-service, and tag manipulation. The post Fluent Bit Vulnerabilities Expose Cloud Services to Takeover appeared first on SecurityWeek.
Palo Alto Networks has conducted an analysis of malicious LLMs that help threat actors with phishing, malware development, and reconnaissance. The post WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation appeared first on SecurityWeek.
Hackers stole corporate data such as accounting records and legal agreements, but did not deploy file-encrypting ransomware. The post Major US Banks Impacted by SitusAMC Hack appeared first on SecurityWeek.
Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that democracy will be the worse for it. We have another narrative. Yes, there are risks to democracy from AI, but there areRead More »Four Ways AI Is Being Used to Strengthen Democracies Worldwide
The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging to target companies, including using a custom tool dubbed TCSectorCopy. “This attack allows them to obtain tokens for the OAuth 2.0 authorization protocol using the user’s browser, which can beRead More »ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with AI to making it their primary weapon, using it to scale attacks, automate reconnaissance, and craft hyper-realistic social engineering campaigns. The Storm on the Horizon Global world instability, coupled with rapid technological advancement, will forceRead More »3 SOC Challenges You Need to Solve Before 2026
Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an information stealer known as StealC V2. “This ongoing operation, active for at least six months, involves implanting malicious .blend files on platforms like CGTrader,” Morphisec researcher Shmuel Uzan said in a reportRead More »Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware
The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories. The post 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack appeared first on SecurityWeek.
More than 100 alleged victims of the Oracle EBS campaign have been added to the Cl0p ransomware website. The post Canon Says Subsidiary Impacted by Oracle EBS Hack appeared first on SecurityWeek.
