#cybersecurity

Microsoft has detected an AI-enabled device code phishing campaign targeting organizations. The campaign uses sophisticated techniques to bypass multi-factor authentication and compromise user accounts. Security teams are advised to implement additional monitoring and protection measures.

The fourth quarter of 2025 saw a record-setting 31.4 Tbps DDoS attack, capping a year of significant distributed denial-of-service assaults. This massive attack highlights the continued escalation of DDoS threats faced by organizations globally.

Security researchers uncovered a supply chain attack where attackers posed as Web3 recruiters to distribute malicious packages. The attackers used fake job interviews to trick developers into installing compromised npm packages that stole sensitive data. The campaign targeted cryptocurrency and blockchain developers through sophisticated social engineering tactics.

A critical remote code execution vulnerability has been discovered in LiteLLM Proxy, allowing attackers to execute arbitrary code on affected systems. The vulnerability stems from improper input validation in the proxy's configuration handling. Users are advised to update to the latest patched version immediately.

Cloudflare has launched Advanced DNS Protection to mitigate sophisticated DNS DDoS attacks. The system uses machine learning to detect and block complex attack patterns that bypass traditional defenses. This helps protect DNS infrastructure from evolving threats.

The PyPI package Xinference versions 2.6.0 through 2.6.2 were compromised by TeamPCP, who uploaded malicious versions containing a backdoor. The backdoor allowed remote code execution on affected systems, potentially enabling data theft and further attacks. Users are advised to upgrade to version 2.6.3 or later to address the security issue.

DNS reconnaissance involves analyzing domain name system records to uncover information about internet infrastructure. This technique can reveal details about a domain's hosting, mail servers, subdomains, and security configurations. Organizations use DNS reconnaissance for both legitimate security assessments and by threat actors for malicious purposes.

France's national identity document agency is investigating a data breach after criminals claimed to have stolen 19 million records. The agency, which issues secure identity cards and passports, has launched a probe into the alleged security incident.

Google Cloud has launched Fraud Defense, an evolution of reCAPTCHA that uses advanced AI to detect and prevent fraud across web and mobile applications. The service analyzes user interactions and behavioral signals to identify fraudulent activity without disrupting legitimate users.

Google has expanded its AI security offerings with new agents designed to combat cyber threats. The company is deploying additional AI-powered tools to help organizations detect and respond to security incidents more effectively.

Security reporting has entered a "high-quality chaos" era where AI-generated vulnerability reports are becoming increasingly sophisticated and difficult to distinguish from human-written submissions. This creates new challenges for security teams who must now evaluate a flood of AI-produced reports that often contain plausible but potentially misleading information.

Quantum computing poses a future threat to current cryptographic systems, particularly public-key cryptography. Experts estimate that large-scale quantum computers capable of breaking current encryption could emerge within 10-30 years. Organizations are already developing quantum-resistant cryptographic algorithms to prepare for this transition.

Anthropic is investigating a report that a rogue actor gained unauthorized access to Mythos AI, a system that could enable hacking. The incident raises concerns about security vulnerabilities in advanced AI models and potential misuse of their capabilities.

The Zero Days Clock tracks the time since the last major cybersecurity incident. It serves as a public awareness tool about digital security threats and vulnerabilities in our interconnected world.

An unauthorized group has reportedly gained access to Anthropic's exclusive cybersecurity tool called Mythos. The breach raises concerns about potential misuse of the advanced AI-powered security technology.

The Lazarus APT group has launched a new macOS malware campaign targeting businesses with a Mach-O malware kit. The sophisticated attack uses multiple infection vectors including malicious documents and fake cryptocurrency applications to compromise systems.

Claude 4.7 implements a five-layer cyber blocking system that prevents malicious prompts both before and after they are processed. The system aims to stop cyber threats proactively rather than reacting to them after damage occurs.

A new wiper malware called Lotus has been discovered targeting the energy and utilities sector. The malware is designed to destroy data on infected systems and appears to be part of a targeted attack campaign against critical infrastructure.

Mozilla discusses how AI-powered security tools are helping to identify and address zero-day vulnerabilities more effectively. The article explores how these technologies are changing the cybersecurity landscape and improving threat detection capabilities.

The Mythos blockchain project was reportedly hacked on the same day it was announced. The incident raises security concerns for the newly launched platform.

AI systems face new security vulnerabilities that could allow malicious actors to manipulate their behavior. Researchers have identified methods to bypass safety measures in large language models through carefully crafted prompts. These findings highlight ongoing challenges in securing AI systems against adversarial attacks.

A member of the Scattered Spider cybercrime group known as 'Tylerb' has pleaded guilty to charges related to computer intrusions and extortion. The individual admitted to participating in attacks against multiple organizations, including a major casino and hotel chain.

A compromised AI tool was responsible for triggering the Vercel security breach. The incident highlights security risks associated with third-party AI integrations in development workflows.

Companies should prepare for quantum computers that could break current encryption by adopting quantum-resistant algorithms and updating security protocols. Experts recommend starting migration planning now, as quantum threats may emerge within 5-10 years.

Vercel experienced a security incident in April 2026 where environment variables were compromised. The company has taken steps to address the breach and secure affected systems.

A former ransomware negotiator has pleaded guilty to conducting BlackCat ransomware attacks. The individual admitted to deploying the malware and extorting victims for cryptocurrency payments.

The article describes how the domain deleteduser.com was purchased for $15 and subsequently received a large volume of sensitive personal data, including passwords and financial information, due to misconfigured applications and services. This highlights a significant data exposure risk from common development practices.

The AgingFly malware uses a "steal and go" model to target Ukrainian organizations, stealing sensitive data before quickly exfiltrating it. This technical analysis examines the malware's evasion techniques and data theft capabilities.

A security engineer created Flight Risk, a game that challenges users to break an AI support agent through prompt injection and social engineering techniques. The game aims to help developers practice identifying and preventing AI security vulnerabilities in a hands-on environment.

The article discusses how malicious software packages in open-source ecosystems don't align with traditional vulnerability intelligence models. It explains that these packages are intentionally harmful from creation, unlike vulnerabilities that emerge in otherwise legitimate software. This fundamental difference requires distinct approaches to detection and response.