Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

How CISOs Can Govern AI & Meet Evolving Regulations

Security teams are no longer just the last line of defense — they are the foundation for responsible AI adoption.

DARKReading
Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks

An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.

#windows
Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach

The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.

'HoldingHands' Acts Like a Pickpocket With Taiwan Orgs

Since at least January, the threat actor has been employing multiple malware tools to steal information for potential future attacks against Taiwanese businesses and government agencies.

Private 5G: New Possibilities — and Potential Pitfalls

While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.

Operation Endgame: Do Takedowns and Arrests Matter?

Cybercrime response needs more aggressive actions from those seeking to protect victims and pursue criminals.

The Cyber Future Is Riskier Than You Think

Sound suggestions on how to tackle four "quiet problems" that often slip through the security cracks.

Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet

A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data

WestJet Airlines App, Website Suffer After Cyber Incident

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

Malicious Chimera Turns Larcenous on Python Package Index

Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.