General cybersecurity industry news, market trends, and analysis
Fake CAPTCHA IRSF scam sends up to 60 SMS messages since June 2020, exploiting 17 countries and costing victims $30 per attack.
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors.
Fast16 malware from 2005 predates Stuxnet by five years, targeting engineering software to sabotage calculations and reshape cyberwar history.
CISA adds 4 exploited CVEs including CVSS 9.9 SimpleHelp flaw, mandating FCEB mitigation by May 8, 2026 to reduce ransomware and botnet risk.
People targeted by confidence schemes find getting help is a lonely road. Experts want law enforcement, financial and government institutions to work together and protect them.
FIRESTARTER backdoor hit Cisco ASA in Sept 2025, persists after patching CVE-2025-20333, risking continued federal network access.
Some 29 people were charged, including a Cambodian senator, and authorities seized more than 500 Web domains tied to fake investment sites.
Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated AI models to take advantage.
It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism.
Other noteworthy stories that might have slipped under the radar: Supreme Court hacker sentenced, Lovable exposed user data, Google expands enterprise security.
NASA OIG exposed a 2017–2021 spear-phishing campaign by Song Wu, leading to DOJ charges and export control violations.
In the last six months, companies have seen a significant influx of AI-powered phishing, as cyberattackers progress from small campaigns to 1-to-1 personalized attacks.
