Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers‘ relative ignorance of OT systems.
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it. […]
Attacks by artificial intelligence agents are a reality. Experts at Nvidia’s GTC conference say defenders need to use the same tools to fight them off.
Mit Lakewatch präsentiert Databricks ein offenes SIEM auf Lakehouse-Basis. KI-Agenten sollen Bedrohungen in Datenpools automatisch erkennen und triagieren.
TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx’s KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.
Attackers can execute arbitrary code without authentication if Oracle’s Identity or Web Services Managers are exposed to the Web.
Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.
In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools.
A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.