Author: s s

When people ask us, “Aren’t all endpoint solutions the same these days?” — our answer is simple: No. They’re not.

Mathew J. Schwartz reports: A member of the band of native English-speaking adolescent hackers lately calling itself Scattered Lapsus$ Hunters published Friday a semi-coherent screed proclaiming the collective would be “going dark.” Many cybersecurity experts responded with skepticism. Evidence suggests that at least some members of the loose-knit hacking collective are continuing to hit targets. Threat intelligence……

Conor Brian Fitzpatrick, aka “Pompompurin” was re-sentenced today in federal court in Virginia. The government had sought a prison sentence of at least 188 months for the former owner of the original BreachForums, while the defense sought probation with weekend jail time for a year. Judge Leonie Brinkema, who had previously sentenced Fitzpatrick to time……

Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. “Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform’s fault injections (such as shutting down pods or disrupting network communications), and perform

Dedicated to building a stronger, more inclusive Apple security community through open-source security tools Sophos is proud to be a gold friend of the Objective-See Foundation, supporting its mission to expand access to cybersecurity education and foster innovative community-driven macOS security research. As macOS becomes a bigger target for cybercriminals, organizations like Objective-See are critical…

From Europol: A high-value cybercrime suspect has been added to the EU Most Wanted list. The individual, a Ukrainian national, is believed to be a leading figure in an organised crime network responsible for the 2019 ransomware attack against a major Norwegian aluminium company, as well as a series of other global cyber-attacks. The fugitive is……

A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228 countries and territories. “These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks,” HUMAN’s Satori Threat Intelligence…

Cybersecurity researchers have warned of a new campaign that’s leveraging a variant of the FileFix social engineering tactic to deliver the StealC information stealer malware. “The observed campaign uses a highly convincing, multilingual phishing site (e.g., fake Facebook Security page), with anti-analysis techniques and advanced obfuscation to evade detection,” Acronis security researcher Eliad

Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. “Apple is aware of a report that…

AI agents are rapidly becoming a core part of the enterprise, being embedded across enterprise workflows, operating with autonomy, and making decisions about which systems to access and how to use them. But as agents grow in power and autonomy, so do the risks and threats.  Recent studies show 80% of companies have already experienced…