Latest stories — Page 7

AI Assistants Are Inventing Fake Web Addresses — and Criminals Are Buying Them Up
Researchers at Palo Alto Networks found that AI tools routinely make up plausible-sounding website addresses that don't exist. Criminals are registering those addresses before anyone notices — and one already built a full fraud operation using the same AI trick.

How One HR Giant Cut Its Security Bill by $250,000 — by Deleting Data It Never Needed
Vensure Employer Solutions was drowning in its own security logs. An AI-powered clean-up cut costs, halved response times, and proved that more data isn't always safer.

ClickFix: Emerging Favorite for Cybercriminals in Malware Delivery
New research highlights how ClickFix, a social engineering tactic, is dominating the malware delivery landscape across various systems.

IBM and Red Hat Launch $5 Billion Initiative to Secure Open-Source Software
IBM and Red Hat invest heavily in Project Lightwell to address open-source software vulnerabilities revealed by Anthropic's AI.

Phishing Emails Now Study Your Phone Before They Attack You
A new wave of scam emails quietly profiles your device — your operating system, location, and screen size — then delivers malware tailored specifically to your setup.

FortiBleed's Credential Theft Linked to Ransomware Gangs
Researchers reveal FortiBleed's connections to ransomware groups, posing greater risks for affected organizations.

Fake Interpol Arrest Notices Are Delivering Ransomware to Small Businesses
Criminals are impersonating the international police agency to frighten small business owners into downloading malware. The tactic is simple. It's working.

Australians Are Safer Online Than Last Year — Unless They Run a Small Business
A new government survey found cybercrime fell across Australia in 2025, but small business owners are facing more legal and staffing fallout than ever before.

Apple Shifts Security Update Strategy Amid AI-Driven Cyber Threats
Apple now releases security patches more frequently to tackle the growing threats posed by AI-enhanced cyberattacks.

Chinese Spy Group Lures Energy Workers With Fake Australian News Site — Then Steals Everything They Type
A state-linked hacking group spent two months tricking employees at offshore energy companies into visiting a bogus news website that silently recorded their every keystroke.

CISA's New Playbook Nudges Agencies Toward Zero Trust — and Everyone Else Can Read Along
The agency's updated TIC 3.0 guidance folds Secure Access Service Edge into federal network modernisation, and the advice travels well beyond government.

Google Patches Fifth Chrome Zero-Day of 2022 as Hackers Actively Exploit the Flaw
A flaw in how Chrome handles a mobile-linking feature is being weaponised in real attacks. It's the fifth time this year Google has had to rush out an emergency fix for its browser.

US warns Russian spies are still hunting your WhatsApp and Signal accounts
CISA and the FBI say Russian intelligence officers are running fresh phishing campaigns to hijack accounts on messaging apps used by journalists, officials and activists.

CISA Flags Actively Exploited SimpleHelp Flaw, Orders Federal Agencies to Patch Fast
A newly listed authentication bypass in SimpleHelp remote-support software is being used in real attacks, and federal agencies now face a hard deadline to fix it.

Schneider Electric patches three flaws in PowerLogic P7 grid protection gear
The most serious bug lets an unauthenticated attacker knock the device's control screen offline. A firmware update is out.

Satellite reaction wheel flaw lets attackers with physical access swap in malicious firmware
CISA flags a signature-verification gap in CubeSpace's CW0057, tracked as CVE-2026-13743. The vendor rates practical risk as low.

FortiBleed: 11,000 Fortinet Firewalls Still Compromised, Now Tied to INC and Lynx Ransomware
Researchers say the same crew that hoarded credentials from hundreds of thousands of Fortinet firewalls has been sitting inside the negotiation panels of two major ransomware gangs.

TA558 Is Back, Targeting Hotels and Airlines With Fake Booking Emails
A criminal group that has quietly stolen travel-industry data since 2018 has dramatically ramped up its fake-reservation campaigns, now using compressed file tricks to sneak spying software onto victims' computers.

Medtronic tells customers their personal data was stolen in ShinyHunters raid
The medical device giant confirms hackers rifled through its corporate systems for nearly a week in April, exposing names, Social Security numbers and health details.

Apple Pushes Emergency Fixes for Two Flaws Already Being Used to Attack iPhones and Macs
Two previously unknown security holes — one in the heart of Apple's operating system, one in its browser engine — are being actively exploited. Every iPhone, iPad, and Mac owner should update today.

Alleged Scattered Spider member, 19, extradited to the US after airport arrest
Peter Stokes, a dual US-Estonian citizen picked up in Helsinki in April, is accused of helping the notorious hacking crew squeeze millions from big-name companies.