Content is curated from many trusted industry sources, including vendor advisories, security blogs, bug bounty programs, and conference organizers worldwide.
Email remains a core communications channel for business and customer engagement, but it also introduces risk. Mistyped addresses, exposed attachments, missed opt-outs, or hasty replies to phishing can trigger serious security or privacy incidents if not carefully managed and mitigated with controls. Add phishing controls to boost resilience.
Delhi Police South District Cyber Crime Unit busted an interstate fraud racket that duped devotees via fake helicopter tickets to Kedarnath and Vaishno Devi, mimicking IRCTC bookings. Three suspects Omprakash Kumar, Rohit Kumar, and Shreyansh Tiwari alias Shivam were arrested in connection with the scam.
Michigan authorities report a 79-year-old woman nearly lost $700,000 after cybercriminals impersonated Social Security officials, claiming bank funds were linked to terrorism and must be moved. The scam highlights social threat tricks targeting seniors, with police halting the scheme and preventing losses. and care
Google reports that the ShinyHunters group exploited an Oracle PeopleSoft zero-day to exfiltrate data from more than 100 organizations, with a majority of victims being universities. The breach underscores risks from unpatched ERP platforms and highlights the need for rapid patching, monitoring, and access controls to mitigate similar threats at scale.
The piece shows how GitHub access sales, leaked repositories, and stolen API keys forge footholds for software supply-chain attacks. It explains that underground forums reveal early risk signals, including indicators, actors, and exploit patterns, helping defenders monitor and mitigate potential compromises. It emphasizes proactive monitoring and policy hardening.
France’s cybersecurity agency accuses Israeli tech firm BlackCore of meddling in Scottish elections by targeting First Minister John Swinney, the SNP, and the Scottish government. Viginum, a disinformation detector, says BlackCore used proxy social accounts to reach Swinney and officials on four occasions amid broader electoral interference claims.
AI-generated fraud schemes have become dominant, per a AU10TIX report. AI-assisted forgeries surpassed physical manipulation for the first time, enabling attackers to deceive both humans and systems with minimal manual effort, signaling a shift in the attack surface and remediation priorities. The finding underscores AI risk controls and detection..
Cybersecurity researchers describe a novel attack class that can trick AI coding agents into running arbitrary code on developer machines. Labeled Agentjacking by Tenet Security, the exploit is triggered by a forged error report crafted through Sentry, open-source error-tracking and performance-monitoring platform, enabling remote code execution.
CyberCorps is adapting to AI-driven threats, but budget cuts may derail its work before deployment. The report notes ongoing AI risk mitigation efforts and warns that insufficient funding could undercut defenses and delay essential cyber threat research and defense initiatives across government and industry May reshape cyber priorities worldwide
Managed detection and response helped address staffing gaps by handling alerts and providing around-the-clock coverage. It worked for years, but the threat landscape has evolved faster than the MDR model can adapt. Attackers now leverage AI to move faster, generate more complex incursions, and overwhelm traditional defenses, demanding new, adaptable solutions.
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 orgs, mainly universities, before a patch. Mandiant and Google Threat Intelligence analyzed an active campaign on June 11, one day after Oracle issued advisory. The window between exploit and patch allowed widespread access and data exposure. This gap increases risk now. Patch!
Novo Nordisk, the world's largest insulin producer, disclosed a data breach exposing patient information linked to certain clinical trials. The incident reportedly affected partial patient data, highlighting persistent cybersecurity risks in pharma data handling. The company is investigating, notifying affected individuals, and strengthening safeguards.
Email remains a core communications channel for business and customer engagement, but it also introduces risk. Mistyped addresses, exposed attachments, missed opt-outs, or hasty replies to phishing can trigger serious security or privacy incidents if not carefully managed and mitigated with controls. Add phishing controls to boost resilience.
Delhi Police South District Cyber Crime Unit busted an interstate fraud racket that duped devotees via fake helicopter tickets to Kedarnath and Vaishno Devi, mimicking IRCTC bookings. Three suspects Omprakash Kumar, Rohit Kumar, and Shreyansh Tiwari alias Shivam were arrested in connection with the scam.
Michigan authorities report a 79-year-old woman nearly lost $700,000 after cybercriminals impersonated Social Security officials, claiming bank funds were linked to terrorism and must be moved. The scam highlights social threat tricks targeting seniors, with police halting the scheme and preventing losses. and care
Google reports that the ShinyHunters group exploited an Oracle PeopleSoft zero-day to exfiltrate data from more than 100 organizations, with a majority of victims being universities. The breach underscores risks from unpatched ERP platforms and highlights the need for rapid patching, monitoring, and access controls to mitigate similar threats at scale.
The piece shows how GitHub access sales, leaked repositories, and stolen API keys forge footholds for software supply-chain attacks. It explains that underground forums reveal early risk signals, including indicators, actors, and exploit patterns, helping defenders monitor and mitigate potential compromises. It emphasizes proactive monitoring and policy hardening.
France’s cybersecurity agency accuses Israeli tech firm BlackCore of meddling in Scottish elections by targeting First Minister John Swinney, the SNP, and the Scottish government. Viginum, a disinformation detector, says BlackCore used proxy social accounts to reach Swinney and officials on four occasions amid broader electoral interference claims.
AI-generated fraud schemes have become dominant, per a AU10TIX report. AI-assisted forgeries surpassed physical manipulation for the first time, enabling attackers to deceive both humans and systems with minimal manual effort, signaling a shift in the attack surface and remediation priorities. The finding underscores AI risk controls and detection..
Cybersecurity researchers describe a novel attack class that can trick AI coding agents into running arbitrary code on developer machines. Labeled Agentjacking by Tenet Security, the exploit is triggered by a forged error report crafted through Sentry, open-source error-tracking and performance-monitoring platform, enabling remote code execution.
CyberCorps is adapting to AI-driven threats, but budget cuts may derail its work before deployment. The report notes ongoing AI risk mitigation efforts and warns that insufficient funding could undercut defenses and delay essential cyber threat research and defense initiatives across government and industry May reshape cyber priorities worldwide
Managed detection and response helped address staffing gaps by handling alerts and providing around-the-clock coverage. It worked for years, but the threat landscape has evolved faster than the MDR model can adapt. Attackers now leverage AI to move faster, generate more complex incursions, and overwhelm traditional defenses, demanding new, adaptable solutions.
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 orgs, mainly universities, before a patch. Mandiant and Google Threat Intelligence analyzed an active campaign on June 11, one day after Oracle issued advisory. The window between exploit and patch allowed widespread access and data exposure. This gap increases risk now. Patch!
Novo Nordisk, the world's largest insulin producer, disclosed a data breach exposing patient information linked to certain clinical trials. The incident reportedly affected partial patient data, highlighting persistent cybersecurity risks in pharma data handling. The company is investigating, notifying affected individuals, and strengthening safeguards.
Unlimited intelligence feeds and real-time alerts in the Secwiser app.
Download now