Silent Push Threat Analysts discovered a phishing campaign using website lures to gather information against Russian individuals sympathetic to defending Ukraine and willing to share sensitive information.

The Japanese government is on a mission to catch up to US national cybersecurity preparedness standards and has just passed bold legislation aimed at bolstering the country's cyber-response capabilities.

Organizations might want to think twice before using the Chinese generative AI (GenAI) DeepSeek in business applications, after it failed a barrage of 6,400 security tests that demonstrate a widespread lack of guardrails in the model.

Despite its improvements, a CyberArk researcher found a way to exploit o3-mini by pretending to be a historian seeking knowledge. While engaging with it, he eventually led it to produce steps that could be used to exploit a critical Windows process.

Victims receive WhatsApp messages containing malicious Android Package Kit (APK) files. Once downloaded, these APKs appear as fake apps of major banks like HDFC Bank and ICICI Bank.

Funnull CDN, a Chinese company, has been linked to a harmful practice known as "infrastructure laundering," where cybercriminals exploit major cloud hosting services like Amazon Web Services (AWS) and Microsoft Azure.

Ransomware actors are now using a new tactic by offering individuals millions of dollars to betray their employers and share confidential company information. These actors include groups like Sarcoma and DoNex.

Users are targeted by email and, after clicking on the PDFs, are taken to pages that impersonate Amazon, where they are urged to input their personal details and credit card information.

Zero Day Initiative said the PHP Hooligans used a "numeric range comparison without minimum check" zero-day bug to take over Tesla's wall connector electric vehicle (EV) charger and crash it.

Attackers are targeting people interested in pirated and cracked software downloads by abusing YouTube and Google search results. Threat actors are posing as "guides" offering legitimate software installation tutorials to lure viewers.