CyberStrikeAI: Open-Source AI Platform Implicated in Automated Fortinet FortiGate Attacks

Open-source AI-driven offensive tools are rapidly moving from lab experiments into real attack chains. According to research by Team Cymru, the CyberStrikeAI platform, positioned as an AI-based security testing framework, has been actively used to automate intrusions against Fortinet FortiGate firewalls in multiple countries. AI platform CyberStrikeAI seen in real Fortinet FortiGate intrusion campaign Earlier …

Google and Cloudflare Pilot Merkle Tree Certificates to Secure Chrome HTTPS Against Post‑Quantum Attacks

Google has unveiled a detailed roadmap to protect Chrome HTTPS certificates from post‑quantum attacks, centered on a new scheme called Merkle Tree Certificates (MTC). The approach, already under experimental deployment in Chrome and Cloudflare’s infrastructure, aims to deliver quantum‑resistant TLS without the severe performance penalties typically associated with post‑quantum cryptography. Why post‑quantum TLS certificates threaten …

CISA Exposes RESURGE Malware Targeting Ivanti Connect Secure Zero‑Day CVE‑2025‑0282

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an updated technical analysis of the RESURGE malware family, a highly sophisticated implant used in targeted attacks against Ivanti Connect Secure VPN gateways via the zero‑day vulnerability CVE‑2025‑0282. The malware combines rootkit, bootkit, and stealth backdoor capabilities and is designed for long‑term, hard‑to‑detect persistence in …

How Large Language Models Are Breaking Online Anonymity

For years, many users have assumed that a pseudonym on social media is enough to stay anonymous. Recent research from ETH Zurich, the MATS (ML Alignment & Theory Scholars) program and Anthropic shows that this assumption is rapidly becoming obsolete. The study demonstrates that modern large language models (LLMs) can systematically deanonymize user accounts using …

Europol’s Project Compass Disrupts The Com Teen Hacker Community and Online Grooming Network

A year‑long international operation codenamed Project Compass, coordinated by Europol, has delivered one of the most significant blows to English‑speaking youth cybercrime in recent years. The investigation resulted in 30 arrests, the identification of 179 suspects, and 62 confirmed victims, four of whom were directly rescued from ongoing online abuse. The Com: decentralized teen hacker …

Forbidden Hyena Deploys AI-Generated Scripts and New BlackReaperRAT in High-Impact Attacks

A newly tracked hacktivist cluster known as Forbidden Hyena is combining traditional cybercrime tools with generative AI and a previously undocumented remote access trojan, BlackReaperRAT, to target Russian government entities and critical infrastructure organizations. Research by BI.ZONE shows that while AI-driven attacks currently account for less than 1% of incidents against Russian companies in 2025, …

AI-Powered Cyberattack on Mexican Government Exposes Data of 195 Million Citizens

An unprecedented AI-assisted cyberattack against Mexican government systems has exposed sensitive information on approximately 195 million citizens, according to research by Israeli cybersecurity startup Gambit Security. The attacker reportedly weaponized Anthropic’s developer assistant Claude Code as a core component of the operation, compromising at least ten public-sector entities and one financial institution. Scope of the …

AirSnitch Wi‑Fi Attack Exposes Client Isolation Weaknesses in Popular Routers

The newly disclosed AirSnitch attack suite demonstrates that Wi‑Fi client isolation, a feature widely advertised by vendors to protect guest and open networks, often does not work as intended. Tests on consumer and enterprise devices from Netgear, D-Link, Ubiquiti, Cisco, TP-Link, Asus, and hardware running DD‑WRT and OpenWrt show that attackers can intercept and modify …

South Korea Tax Service Seed Phrase Leak Triggers $4.8M Crypto Theft

Government agencies are increasingly seizing cryptocurrencies in tax and financial crime cases. At the same time, even a single cybersecurity lapse can erase months of operational work. A recent incident at South Korea’s National Tax Service (NTS) demonstrates how a leaked seed phrase can instantly turn a successful crypto seizure into a multimillion‑dollar loss. Crypto …

OnlyFake and AI‑Generated Fake IDs: A Wake‑Up Call for KYC and AML Defenses

A 27‑year‑old Ukrainian citizen, Yurii Nazarenko — known online as John Wick, Tor Ford, and Uriel Septimberus — has pleaded guilty in the United States to operating OnlyFake, an AI‑powered platform that produced highly realistic fake identity documents. According to prosecutors, the service helped customers worldwide circumvent KYC (Know Your Customer) checks across banks, fintechs, …