AI Music, Botnets and VPNs: How a $10M Streaming Fraud Scheme Exploited Royalty Systems

Aerial view of New York City showcasing music streaming platforms and data connections.

A recent US criminal case has exposed how a combination of AI-generated music, large-scale bot traffic and cloud infrastructure can transform a legitimate music royalty model into a highly profitable fraud scheme. North Carolina musician Michael Smith, 54, has pleaded guilty to conspiracy to commit wire fraud after fabricating streams worth more than $10 million …

CISA Warns of Zimbra and SharePoint Exploits as Interlock Ransomware Targets Cisco Zero‑Day

Two operators monitor screens amid a fiery disaster with urban chaos in the background.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added new vulnerabilities in Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint to its catalog of actively exploited flaws, signaling ongoing real‑world attacks. In parallel, operators of the Interlock ransomware family are reported to be leveraging a critical Cisco firewall management zero‑day, significantly raising the …

Google Introduces 24-Hour Delay for Android Sideloading from Unverified Developers

Man looks at phone displaying "Sideloading Awaiting Install" amid a stormy city backdrop.

Google is preparing a significant change to Android sideloading security: a new advanced flow that enforces a mandatory 24-hour waiting period before users can install apps from unverified developers. The company presents this as an attempt to preserve Android’s open ecosystem while strengthening protection against rapidly growing mobile malware and social engineering attacks. Advanced Flow: …

OFAC Targets North Korean Remote IT Worker Scheme Fueling WMD Programs

The U.S. Department of the Treasury, acting through the Office of Foreign Assets Control (OFAC), has imposed sanctions on six individuals and two entities involved in a global network of North Korean IT workers. According to U.S. authorities, this network uses fraudulent remote employment to siphon revenue from companies in the United States and abroad, …

Tax Season Phishing Attacks Exploit IRS Brand and Remote Access Software

Finger pressing a blue "Download" button on a device with cables nearby.

In the run-up to the US tax filing deadline, Microsoft researchers have identified a wave of tax season phishing attacks designed to steal credentials and deploy remote access malware. Threat actors are weaponizing themes such as tax refunds, filing reminders, and IRS audits to create urgency and persuade recipients to open attachments, click links, or …

Trivy Supply Chain Attack and Critical CVEs: Closing the Gap Between Detection and Response

Aerial view of a burning cityscape with tech logos and chaotic elements.

The current state of internet security reinforces the same pattern: even mature organizations continue to overlook basic security hygiene, while the time between disclosure of a vulnerability and its active exploitation keeps shrinking. The recent supply chain attack leveraging the popular Trivy vulnerability scanner, combined with a new wave of critical CVEs, illustrates how fragile …

Fundamental Cybersecurity Skills: Building Resilient Protection Beyond Tools

People analyzing data in a futuristic environment with holographic screens.

Cybersecurity has become highly specialized in recent years: organizations now employ cloud security engineers, digital forensics experts, IAM specialists, DevSecOps engineers and detection engineers. Tools are more powerful, budgets are larger, and yet many enterprises still struggle with the same basic issues: unclear risk priorities, contentious technology choices and difficulty translating technical threats into business …

WaterPlum: North Korean Hackers Abuse VS Code Tasks to Target Crypto and Web3 Developers

Split scene depicting ethical coding versus cybercrime environment.

North Korean state-aligned threat actors tracked as WaterPlum, and linked to the Contagious Interview campaign, are exploiting Visual Studio Code (VS Code) projects as a novel malware delivery channel. By weaponizing the StoatWaffle malware family inside “test” repositories and fake technical interviews, the group is targeting experienced developers in the cryptocurrency and Web3 ecosystem, abusing …

Linux Foundation Tackles AI-Generated Bug Report Noise in Open Source Security

Two stressed men face security alerts on laptops amidst a chaotic, dark environment.

Six major technology companies — Anthropic, AWS, GitHub, Google, Microsoft and OpenAI — have committed $12.5 million to a new Linux Foundation initiative aimed at a fast‑emerging problem in cybersecurity: the surge of AI-generated bug and vulnerability reports overwhelming open source projects and obscuring real security issues. Linux Foundation’s new initiative against AI-generated bug report …

Trivy Supply Chain Attack: How a GitHub Actions Compromise Exposed CI/CD Secrets

Contrast of cybersecurity and hacking themes, depicting two contrasting figures.

The open source vulnerability scanner Trivy, widely integrated into container, Kubernetes and repository security workflows, has become the center of a significant software supply chain attack. Attackers managed to inject an infostealer into GitHub Actions and Trivy releases, putting CI/CD secrets and developer machines at risk across many organizations. Why the Trivy GitHub Actions compromise …