Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Security

2445 tech articles in this category

  1. Hacker News ·
    Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. "This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,"View the full article
    • 0 comments
    • 44 views
  2. Hacker News ·
    Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials. "The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executingView the full article
    • 0 comments
    • 42 views
  3. Hacker News ·
    The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks. The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr said in a new threat brief. The group is said to be offering anywhere between $500 and $1,000 upfront per call, in addition toView the full article
    • 0 comments
    • 39 views
  4. Hacker News ·
    Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just escalate it” calls. That cost doesn’t stay inside the SOC; it shows up as missed SLAs, higher cost per case, and more room for real threats to slip through. So where does triage go wrong? Here are five triageView the full article
    • 0 comments
    • 48 views
  5. Hacker News ·
    Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications.View the full article
    • 0 comments
    • 37 views
  6. CSOonline ·
    Microsoft says it has uncovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessments. The campaign employs carefully crafted lures to blend into routine workflows, such as cloning repositories, opening projects, and running builds, thereby allowing the malicious code to execute undetected. Telemetry collected during an incident investigation by Microsoft suggested the campaign’s alignment with a br
    • 0 comments
    • 32 views
  7. Hacker News ·
    Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not just inefficient, it is a systemicView the full article
    • 0 comments
    • 38 views
  8. CSOonline ·
    A Ukrainian man has been sentenced to five years in prison after helping North Korean IT workers infiltrate American companies using stolen identities, reports Bleepingcomputer. The 39-year-old man from Kiev pleaded guilty in November 2025 to charges including aggravated identity theft and conspiracy to commit fraud. He has also agreed to surrender assets worth over $1.4 million, including cash and cryptocurrency. According to US authorities, he stole identities from hundreds of people,
    • 0 comments
    • 37 views
  9. Hacker News ·
    A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, WilliamsView the full article
    • 0 comments
    • 37 views
  10. Hacker News ·
    SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below - CVE-2025-40538 - A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitraryView the full article
    • 0 comments
    • 35 views
  11. CSOonline ·
    Security teams live in a world of numbers. Dashboards depict counts of blocked attacks, phishing clicks, vulnerabilities discovered, patches applied, alerts triaged, and incidents closed. Over the past decade, the cybersecurity industry has become adept at measuring activity with increasing precision. Experts say what remains far less consistent is whether those measurements help boards govern risk. For directors and senior executives, the purpose of security metrics reporting is not to cata
    • 0 comments
    • 37 views
  12. Hacker News ·
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to executeView the full article
    • 0 comments
    • 42 views
  13. CSOonline ·
    Rob Schultz / Shutterstock Da Unternehmen Cybersicherheit in ihre GRC (Governance, Risk & Compliance)-Prozesse integrieren, müssen bestehende Programme überarbeitet werden. Nur so lässt sich sicherstellen, dass der zunehmende Einsatz und die Risiken von Generative und Agentic AI Berücksichtigung finden – und Unternehmen compliant bleiben. Die Risiken, die mit KI einhergehen, sind schwierig zu quantifizieren. Aktuelle Daten liefern jedoch Anhaltspunkte. So geht aus dem “AI Security Re
    • 0 comments
    • 40 views
  14. CSOonline ·
    Shutterstock/Gorodenkoff Sicherheitsforscher von Amazon Web Services (AWS) berichten, dass es einem russischsprachigen Hacker gelungen ist, zwischen dem 11. Januar und dem 18. Februar 2026 mehr als 600 Fortigate-Firewalls zu kompromittieren. Dem Bericht zufolge wurden keine FortiGate-Sicherheitslücken ausgenutzt – stattdessen griff der Hacker zunächst Firewalls mit schwachen Passwörtern an. Anschließend verschaffte er sich mithilfe eines auf Google Gemini basierenden KI-Tools Zugriff auf
    • 0 comments
    • 38 views
  15. CSOonline ·
    Rob Schultz / Shutterstock Da Unternehmen Cybersicherheit in ihre GRC (Governance, Risk & Compliance)-Prozesse integrieren, müssen bestehende Programme überarbeitet werden. Nur so lässt sich sicherstellen, dass der zunehmende Einsatz und die Risiken von Generative und Agentic AI Berücksichtigung finden – und Unternehmen compliant bleiben. Die Risiken, die mit KI einhergehen, sind schwierig zu quantifizieren. Aktuelle Daten liefern jedoch Anhaltspunkte. So geht aus dem “AI Security Re
    • 0 comments
    • 51 views
  16. CSOonline ·
    SolarWinds continues to be besieged by security issues, this time in its Serv-U managed file transfer server. The software company has released four patches for critical Serv-U remote code execution (RCE) vulnerabilities that could allow attackers to gain root (administrator) access to unpatched servers. These four common vulnerabilities and exposures (CVEs) are rated “critical,” the highest severity score. These should be treated as “high-urgency patch events,” said Ensar Seker, CISO at
    • 0 comments
    • 38 views
  17. CSOonline ·
    The latest fake Zoom meeting scam silently pushes surveillance software onto the Windows computers of unwitting employees. That’s according to researchers at Malwarebytes, who warn that staff falling for the scam land in a convincing imitation of a Zoom video call. Moments later, an automatic “Update Available” countdown downloads a malicious installer, without asking permission. The software installed is a covert build of Teramind, a commercial monitoring tool companies use to record wh
    • 0 comments
    • 46 views
  18. CSOonline ·
    VMware has released patches for several high- and medium-risk vulnerabilities that impact its Aria Operations, Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure products. The most serious of these flaws allows unauthenticated attackers to execute arbitrary commands on the underlying OS, while another gives authenticated users the ability to elevate to administrator privileges. The issues — CVE-2026-22719, CVE-2026-22720, and CVE-2026-22721 — were privately reported t
    • 0 comments
    • 51 views
  19. CSOonline ·
    Business email compromise (BEC) is the digital con dressed to impress. It’s clean, calculated, and ready to fool even the sharpest eyes. These scammers don’t tell on themselves with sloppy hacks. They whisper in familiar voices, posing as your CEO, HR, or a trusted vendor. And, unlike phishing, they’re a precision strike built on inside intel. Just last year, BEC attacks racked up a staggering $2.7 billion in losses, a jump of 12.5% compared to 2021. That’s not petty cash, that’s financial c
    • 0 comments
    • 51 views
  20. CSOonline ·
    Ransomware isn’t an isolated, potential cyber threat—it’s like a living organism that can shapeshift with multiple strains, tactics, and targets. The cybercriminals behind ransomware attacks run these operations like a business and are motivated to keep up profits at any cost.  Their tactics range from quickly locking down an entire network to slowly leaking sensitive data over time; different types of ransomware pose different threats in their own unique ways. In this guide, we’ll discuss s
    • 0 comments
    • 39 views
  21. CSOonline ·
    Attackers are constantly on the prowl, scoping out vulnerabilities of network-connected devices in your systems. These devices—laptops, desktops, servers, IoT, and more—are like unlocked doors waiting for threat actors to stroll through. And here’s the kicker: many of these vulnerabilities are shockingly common and easily preventable. Let’s break down the weaknesses we most frequently track across three million endpoints (not a bad sample size!) and what you can do to patch those holes befor
    • 0 comments
    • 38 views
  22. CSOonline ·
    Business email compromise (BEC) is the cyber equivalent of an expertly forged handwritten note—no malware fireworks, no flashing warnings, just a convincing request that tricks someone into wiring money or handing over sensitive data. Knowing how to prevent BEC should sit at the top of every security to‑do list because even one fraudulent email can siphon six or seven figures in minutes. Why BEC attacks pack such a punch Unlike spray‑and‑pray phishing that relies on infected attachments,
    • 0 comments
    • 46 views
  23. CSOonline ·
    When it comes to cyber threats, business email compromise (BEC) is one of the sneakiest, most costly scams out there. These digital predators don’t rely on brute force, but are patient, tactical, and they exploit one weakness above all: human trust. If you’re in the cybersecurity game, spotting a BEC attack can mean the difference between an average Tuesday and a financial disaster. And if you’re wondering, “What are some identifiers of a BEC attack?” think less about firewalls and more about f
    • 0 comments
    • 41 views
  24. CSOonline ·
    When systems are attacked, we should respond. But how much better would it be if we could anticipate attacks before they strike and stop them with a proactive defense? Faced with today’s cybersecurity challenges, that is no simple task. McCall also warns of a “supply chain” of cybercrime consisting of ransomware-as-a-service, as well as threats embedded in developers’ toolsets. “Once an attack has occurred, the average time to reduce exposure is 58 days,” noted fellow webinar pan
    • 0 comments
    • 41 views
  25. Hacker News ·
    A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure. "Attackers can craft hidden instructions inside aView the full article
    • 0 comments
    • 44 views
  26. Hacker News ·
    A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities supporting the war-torn nation. The activity, which targeted an unnamed entity involved in regionalView the full article
    • 0 comments
    • 49 views
  27. Hacker News ·
    Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, hygiene, business context, and intent. Any one of these can perhaps beView the full article
    • 0 comments
    • 53 views
  28. Hacker News ·
    The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom's threat intelligence division said it also identified the same threat actors mounting an unsuccessful attack against a healthcareView the full article
    • 0 comments
    • 33 views
  29. CSOonline ·
    A massive Shai-Hulud-style npm supply chain worm is hitting the software ecosystem, burrowing through developer machines, CI pipelines, and AI coding tools. Socket researchers uncovered the active attack campaign and called it SANDWORM_MODE,  derived from the “SANDWORM_*” environment variable switches embedded in the malware’s runtime control logic.” At least 19 typosquatted packages were published under multiple aliases, posing as popular developer utilities and AI-related tools. Once i
    • 0 comments
    • 35 views
  30. Hacker News ·
    The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and MarsSnake, according to a report published by Positive Technologies last week. "The group used severalView the full article
    • 0 comments
    • 39 views
  31. CSOonline ·
    PXLR Studio – shutterstock.com In Leipzig hat der Prozess um den illegalen Streamingdienst «movie2k.to» und einen Milliardengewinn mit Bitcoins begonnen. Vor dem Landgericht ist der 42 Jahre alte mutmaßliche Kopf des Portals unter anderem wegen gewerbsmäßiger Geldwäsche in 146 Fällen angeklagt. Mit ihm auf der Anklagebank sitzt ein 39-Jähriger, der sich wegen Geldwäsche in 46 Fällen und Steuerhinterziehung verantworten muss. Die Vorwürfe – in rund 220.000 Fällen urheberrechtlich geschützte W
    • 0 comments
    • 41 views
  32. CSOonline ·
    PXLR Studio – shutterstock.com In Leipzig hat der Prozess um den illegalen Streamingdienst «movie2k.to» und einen Milliardengewinn mit Bitcoins begonnen. Vor dem Landgericht ist der 42 Jahre alte mutmaßliche Kopf des Portals unter anderem wegen gewerbsmäßiger Geldwäsche in 146 Fällen angeklagt. Mit ihm auf der Anklagebank sitzt ein 39-Jähriger, der sich wegen Geldwäsche in 46 Fällen und Steuerhinterziehung verantworten muss. Die Vorwürfe – in rund 220.000 Fällen urheberrechtlich geschützte W
    • 0 comments
    • 38 views
  33. CSOonline ·
    Despite inroads in the C-suite and rising prominence across the business at large, security leaders are still more likely to operate at a remove from the organization’s executive leadership when it comes to reporting structures. According to IANS Research and Artico Search’s 2026 State of the CISO Benchmark Report, 64% of CISOs still report into IT, typically the CIO or CTO. Just 11% report to the CEO, while others fall under the CFO (5%), chief risk officer (5%), legal counsel (5%), or othe
    • 0 comments
    • 49 views
  34. CSOonline ·
    Since the earliest days of the internet, there has never been a let-up in adversarial activity. According to CrowdStrike’s just-released 12th annual Global Threat Report, malicious activity in cyberspace continues to not only accelerate but also expand its scale and increasingly abuse the trust of targeted organizations. The good news is that, despite discussion of AI democratizing threat activity, the volume of adversaries that government and corporate entities are contending with didn’t gr
    • 0 comments
    • 40 views
  35. CSOonline ·
    When Anthropic launched a “limited research preview” of its Claude Code Security offering on Friday, Wall Street investors sent the stocks of the largest cybersecurity vendors plunging. But did the Anthropic rollout warrant such a reaction?  After all, those companies, including CrowdStrike, Zscaler, Palo Alto Networks and Okta, are preparing their own agentic capabilities, and even if they weren’t, the code-checking capabilities promised by Anthropic are not initially a replacement for
    • 0 comments
    • 46 views
  36. Hacker News ·
    Anthropic on Monday said it identified "industrial-scale campaigns" mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude's capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its termsView the full article
    • 0 comments
    • 49 views
  37. CSOonline ·
    MY STOCKERS – Shutterstock.com OT-Security als strategischer Erfolgsfaktor Die zunehmende Digitalisierung und Vernetzung in der industriellen Produktion haben OT-Security (Operational Technology-Sicherheit) zu einem Kernthema in Unternehmen gemacht. Produktionsdaten, SCADA-Systeme (Supervisory Control and Data Acquisition) und vernetzte Maschinen sind in vielen Branchen essenziell  – und äußerst anfällig für Cyberangriffe. Ein Zwischenfall kann nicht nur zu Produktionsausfällen und Image
    • 0 comments
    • 42 views
  38. CSOonline ·
    A Russian-speaking threat actor is using commercial generative AI services to compromise hundreds of Fortinet Fortigate firewalls, warns Amazon Threat Intelligence. Once on the network, the hackers successfully compromised Active Directory at hundreds of organizations, extracted complete credential databases, and targeted backup infrastructure — a potential precursor to ransomware deployment, the report adds. The report, by CJ Moses, CISO of Amazon Integrated Security, is another signal
    • 0 comments
    • 38 views
  39. Hacker News ·
    The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed Operation MacroMaze. "The campaign relies on basic tooling and the exploitation of legitimate servicesView the full article
    • 0 comments
    • 44 views
  40. Hacker News ·
    Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. "Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated, multi-stage infection prioritizing maximum cryptocurrency mining hashrate, often destabilizing the victimView the full article
    • 0 comments
    • 41 views
  41. Hacker News ·
    Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are familiar. Across devices, cloud services, research labs, and even everyday apps, the line between normal behavior and hidden risk keeps getting thinner. ToolsView the full article
    • 0 comments
    • 43 views
  42. CSOonline ·
    nitpicker – shutterstock.com Die RTL Group wurde offenbar Opfer einer Cyberattacke. Wie Cybernews berichtet, brüstet sich ein Cyberkrimineller namens LuneBF mit gestohlenen Daten von mehr als 27.000 Mitarbeitern der Mediengruppe. In seinem Darknet-Post behauptet der Angreifer, sich Zugriff auf die Intranet-Website der RTL Group verschafft zu haben. Als Beweis für den Angriff stellt er eine Stichprobe mit 100 Datensätzen zur Verfügung, die Mitarbeiter der RTL Group und ihrer Tochtergesell
    • 0 comments
    • 44 views
  43. Hacker News ·
    As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that serves, connects and automates the model. Each new LLM endpoint expands the attack surface, often inView the full article
    • 0 comments
    • 51 views
  44. CSOonline ·
    A newly uncovered infostealer, suspected to be built with the help of a large language model, is targeting victims with Python and C++ variants, each tailored for a different stage of data theft. Kaspersky researchers discovered a stealer dubbed “Arkanix,” which is capable of harvesting credentials, browser data, cryptocurrency, and banking assets from infected machines. “It collects a vast amount of information, including highly sensitive personal data,” Kaspersky researchers said in a Secu
    • 0 comments
    • 35 views
  45. CSOonline ·
    Attackers are actively exploiting two critical zero-day vulnerabilities in Ivanti’s Endpoint Manager Mobile (EPMM) to gain unauthenticated control of enterprise mobile device management infrastructure and install backdoors engineered to persist even after organizations apply available patches. “Two critical zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340) affecting Ivanti Endpoint Manager Mobile (EPMM) are being actively exploited in the wild, affecting enterprise mobile fleets and
    • 0 comments
    • 41 views
  46. Hacker News ·
    Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft. The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious code embeddedView the full article
    • 0 comments
    • 35 views
  47. Hacker News ·
    The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and individuals mainly located across the Middle East and North Africa (MENA) region as part of a new campaign codenamed Operation Olalampo. The activity, first observed on January 26, 2026, has resulted in the deployment of new malware families that shareView the full article
    • 0 comments
    • 51 views
  48. CSOonline ·
    Artificial intelligence is revolutionizing the technology industry and this is equally true for the cybercrime ecosystem, as cybercriminals are increasingly leveraging generative AI to improve their tactics, techniques, and procedures and deliver faster, stronger, and sneakier attacks. As with legitimate use of emerging AI tools, abuse of generative AI for nefarious ends thus far hasn’t been so much about the novel and unseen as it has been about productivity and efficiency, lowering the bar
    • 0 comments
    • 54 views
  49. Hacker News ·
    A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. "No exploitation of FortiGateView the full article
    • 0 comments
    • 48 views
  50. Hacker News ·
    Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers. "It scans codebases for security vulnerabilities and suggests targetedView the full article
    • 0 comments
    • 38 views
  51. Hacker News ·
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-49113 (CVSS score: 9.9) - A deserialization of untrusted data vulnerability that allows remote codeView the full article
    • 0 comments
    • 38 views
  52. Hacker News ·
    With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4 help close the gap between AI adoption and workforce readiness. EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite,View the full article
    • 0 comments
    • 35 views
  53. Krebs ·
    Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand’s real website, and then acts as a relay between the target and the legitimate site — forwarding the victim’s username, password and multi-factor authentica
    • 0 comments
    • 41 views
  54. CSOonline ·
    After breaking into a system, crooks often install legitimate remote admin tools to keep a foothold on the network — with the risk that the tool’s vendor spots them and locks them out. Now they have a new option: a fake remote monitoring and management (RMM) tool, complete with serious-looking online storefront, built just for them. “TrustConnect,” the malware-as-a-service (MaaS) spotted by researchers at Proofpoint, has a website to promote it and all the support infrastructure necessary to
    • 0 comments
    • 55 views
  55. Hacker News ·
    Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and  The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of theView the full article
    • 0 comments
    • 44 views
  56. Hacker News ·
    In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months. "On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLIView the full article
    • 0 comments
    • 46 views
  57. CSOonline ·
    andrey_l – shutterstock.com Der Einzug von KI hat den benötigten Zeitaufwand für Cyberattacken massiv verkürzt, so dass menschliche Verteidiger nicht mehr mithalten können. So lautet das vielleicht wenig überraschende Ergebnis des 2026 Global Incident Response Report von Palo Alto Networks. Für die Studie hat das Unit-42-Forscherteam 750 Vorfälle in 50 Ländern analysiert. Bei den schnellsten der analysierten Angriffe gelangten die Täter innerhalb von 72 Minuten vom ersten Zugriff bis zur
    • 0 comments
    • 294 views
  58. CSOonline ·
    andrey_l – shutterstock.com Der Einzug von KI hat den benötigten Zeitaufwand für Cyberattacken massiv verkürzt, so dass menschliche Verteidiger nicht mehr mithalten können. So lautet das vielleicht wenig überraschende Ergebnis des 2026 Global Incident Response Report von Palo Alto Networks. Für die Studie hat das Unit-42-Forscherteam 750 Vorfälle in 50 Ländern analysiert. Bei den schnellsten der analysierten Angriffe gelangten die Täter innerhalb von 72 Minuten vom ersten Zugriff bis zur
    • 0 comments
    • 272 views
  59. Hacker News ·
    Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). "The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stageView the full article
    • 0 comments
    • 41 views
  60. CISOmag ·
    Name : Cybersecurity Summit Hamburg 2026 Website: https://www.cycomhackingconference.com/ Date: April 28-29, 2026 Location: Hamburg, Germany Cybersecurity Summit 2026: The Future of Cybersecurity – the industry highlights in Hamburg On 28–29 April 2026, the Cybersecurity Summit will open its doors in Hamburg for the first time, inviting professionals and decision-makers from IT and information security to experience the future of cybersecurity live. In a world increasingly shaped by digital
    • 0 comments
    • 58 views
  61. Hacker News ·
    With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk.  For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage areView the full article
    • 0 comments
    • 42 views
  62. Hacker News ·
    A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea's fraudulent information technology (IT) worker scheme. In November 2025, Oleksandr "Alexander" Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT workers to help them landView the full article
    • 0 comments
    • 44 views
  63. CSOonline ·
    Staatliche Kunstsammlungen Dresden Nach dem Cyberangriff auf die Staatlichen Kunstsammlungen Dresden in diesem Januar hat das Landeskriminalamt Sachsen (LKA) eine Sonderkommission gegründet. Diese führe auch die Ermittlungen unter Sachleitung der Generalstaatsanwaltschaft Dresden, wie die Ermittlungsbehörde mitteilte. Weitergehende Angaben machte die Generalstaatsanwaltschaft nicht. Am 21. Januar waren die Staatlichen Kunstsammlungen Dresden (SKD) Opfer eines Cyberangriffs geworden. Betr
    • 0 comments
    • 34 views
  64. Hacker News ·
    The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading to losses of more than $20 million in 2025. The agency said 1,900 ATM jackpotting incidents have been reported since 2020, out of which 700 took place last year. In December 2025, the U.S. Department of Justice (DoJ) said about $40.73 million has been collectivelyView the full article
    • 0 comments
    • 44 views
  65. CSOonline ·
    When PayPal started emailing customers this month that it was backing off unencrypted SMS for multifactor authentication (MFA) at login, it came with the typical approach-avoidance asterisk. The financial services giant signaled that it was turning the page on the much-maligned authentication method while simultaneously offering no timeline and assuring customers SMS wouldn’t entirely go away — a curious strategy that could help smooth over customer loss. SMS has a long history of opposi
    • 0 comments
    • 68 views
  66. CSOonline ·
    When PayPal started emailing customers this month that it was backing off unencrypted SMS for multifactor authentication (MFA) at login, it came with the typical approach-avoidance asterisk. The financial services giant signaled that it was turning the page on the much-maligned authentication method while simultaneously offering no timeline and assuring customers SMS wouldn’t entirely go away — a curious strategy that could help smooth over customer loss. SMS has a long history of opposi
    • 0 comments
    • 73 views
  67. Hacker News ·
    Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor Ghandali, 32, have been accusedView the full article
    • 0 comments
    • 38 views
  68. CSOonline ·
    Um Passwörter hinter sich zu lassen, gibt es bessere Lösungen. Wir zeigen Ihnen zehn. Foto: Raffi Ilham Pratama – shutterstock.com Passwörter sind seit Jahrzehnten der Authentifizierungsstandard für Computersysteme, obwohl sie sich immer wieder aufs Neue als anfällig für diverse Cyberangriffsformen erwiesen haben und kompromittierte Benutzerkonten auf regelmäßiger Basis zum Einfallstor für kriminelle Hacker werden. Ein Mittel für CISOs, um diesem Problem zu begegnen, ist die passwortlose Authe
    • 0 comments
    • 297 views
  69. CSOonline ·
    Another device code phishing campaign that abuses OAuth device registration to bypass multifactor authentication login protections has been discovered. Researchers at KnowBe4 say the campaign is largely targeting North American businesses and professionals by tricking unwitting employees into clicking a link in an email from a threat actor. The message purports to be about a corporate electronic funds payment, a document about salary bonuses, a voicemail, or contains some other lure. It
    • 0 comments
    • 50 views
  70. CSOonline ·
    This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards Initiative, which it hopes will provide a roadmap for addressing agentic AI hurdles and, it said, ensure that the technology “is widely adopted with confidence.” AI agents, which have now ascended to the status of enterprise tools, are designed to be autonomous and powerful: ambiguous but ominous concepts where boundaries and limits are not always easy to define
    • 0 comments
    • 63 views
  71. Hacker News ·
    Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots,View the full article
    • 0 comments
    • 48 views
  72. Hacker News ·
    An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investmentView the full article
    • 0 comments
    • 47 views
  73. Hacker News ·
    Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud. The high-severity vulnerability, tracked as CVE-2026-26119, carries aView the full article
    • 0 comments
    • 44 views
  74. Hacker News ·
    The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same time. Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to think about exposure, response, and preparedness right nowView the full article
    • 0 comments
    • 52 views
  75. compuquip ·
    AI in network security continues to mature across detection, analytics, and response. One of the most visible applications is automated firewall management -accelerating rule changes while reducing manual effort.  The promise is efficiency. The risk is incomplete context. Most traditional automation models assume a single device, a net-new rule, and a static traffic path. In production environments, those assumptions rarely hold. Firewall policy exists within layered rulebases, inherited devi
    • 0 comments
    • 61 views
  76. CSOonline ·
    Security researchers have uncovered six high-to-critical flaws affecting the open-source AI agent framework OpenClaw, popularly known as a “social media for AI agents.” The flaws were discovered by Endor Labs as its researchers ran the platform through an AI-driven static application security testing (SAST) engine designed to follow how data actually moves through the agentic AI software. The bugs span several web security categories, including server-side request forgery (SSRF), missing web
    • 0 comments
    • 63 views
  77. Hacker News ·
    We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay down during a slower cycle. In 2026, “Eventually” is Now But today, within minutes, AI-poweredView the full article
    • 0 comments
    • 46 views
  78. Hacker News ·
    Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that's designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. "This new threat, whileView the full article
    • 0 comments
    • 45 views
  79. CSOonline ·
    Enterprise security teams racing to enable generative AI tools may be overlooking a new risk: attackers can abuse web-based AI assistants such as Grok and Microsoft Copilot to quietly relay malware communications through domains that are often exempt from deeper inspection. The technique, outlined by Check Point Research (CPR), exploits the web-browsing and URL-fetch capabilities of these platforms to create a bidirectional command-and-control channel that blends into routine AI traffic and
    • 0 comments
    • 47 views
  80. CSOonline ·
    Overearth – shutterstock.com Cybersicherheit wird oft wie ein Spiel behandelt. Unternehmen jagen schnellen Erfolgen hinterher, haken Compliance-Listen ab oder klopfen sich nach einem einzigen erfolgreichen Audit selbst auf die Schulter. Auf dem Papier mag das produktiv aussehen, aber in Wirklichkeit schafft es ein falsches Gefühl der Sicherheit. Der CISO stellt in diesem Bild den Quarterback dar, auf dem die ganze Verantwortung lastet. Cybersecurity ist jedoch kein Spiel. Sie erfordert e
    • 0 comments
    • 53 views
  81. CISOmag ·
    Name : CPT Cybersecurity Conference Website: https://www.cycomhackingconference.com/ Date: March 4-5, 2026 Location: Allianz Arena, Munich, Germany CPT 2026: Connect. Protect. Transform. Join Germany’s top voices for Cybersecurity at Munich’s Allianz Arena from March 4–5. Master NIS-2 compliance, AI resilience, and BSI standards through high-level networking and expert keynotes. Secure your strategy for the digital future. CPT 2026: Strategic Resilience & Digital Sovereignty Who determi
    • 0 comments
    • 60 views
  82. Hacker News ·
    Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct information theft and long-term espionage. The Acronis Threat Research Unit (TRU) said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan (RAT) andView the full article
    • 0 comments
    • 48 views
  83. CSOonline ·
    For Nikoloz Kokhreidze, the move into cybersecurity consulting came gradually through a series of small steps. “I accumulated enough experience across different industries, I started my newsletter, and I realized there’s a community of people interested in what I have to say,” he explains. What ultimately crystallized the decision was the thought that his impact didn’t have to stop at the edge of one organization. “I was solving the same problems repeatedly in one company,” he says, “when I
    • 0 comments
    • 48 views
  84. CSOonline ·
    The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the claim this week after the release of version 8.9.2 of Notepad++, which includes a double-lock verification that any download of the tool from this point on is genuine. The latest version verifies the signed XML returned by the update server in addition to the first step of the hardening in versio
    • 0 comments
    • 54 views
  85. CSOonline ·
    For the past 18 months, a Chinese cyberespionage group has been exploiting a prevously unknown vulnerability in Dell’s RecoverPoint for Virtual Machines, a VM disaster recovery solution. The flaw, patched by Dell this week, allows unauthenticated attackers to gain command execution on the underlying OS as root. The vulnerability, tracked as CVE-2026-22769, stems from hardcoded admin credentials for the Apache Tomcat Manager, which can be leveraged to deploy malicious WAR (Web Application Arc
    • 0 comments
    • 55 views
  86. Hacker News ·
    New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident's phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs & PublicView the full article
    • 0 comments
    • 56 views
  87. Hacker News ·
    Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer overflow that could result in remote codeView the full article
    • 0 comments
    • 45 views
  88. CSOonline ·
    2lttgamingroom – shutterstock.com Ein Sicherheitsforscher mit dem Pseudonym „Q Continuum“ hat 287 Chrome-Erweiterungen entdeckt, die den Browserverlauf exfiltrieren. „Die Akteure hinter den Lecks sind vielfältig: Similarweb, Curly Doggo, Offidocs, chinesische Akteure, viele kleinere, unbekannte Datenbroker sowie ein mysteriöses Unternehmen namens ‚Big Star Labs‘, das offenbar ein Ableger von Similarweb ist“, heißt es im Forschungsbericht. Für die Analyse entwickelte der Forscher eine aut
    • 0 comments
    • 50 views
  89. CSOonline ·
    2lttgamingroom – shutterstock.com Ein Sicherheitsforscher mit dem Pseudonym „Q Continuum“ hat 287 Chrome-Erweiterungen entdeckt, die den Browserverlauf exfiltrieren. „Die Akteure hinter den Lecks sind vielfältig: Similarweb, Curly Doggo, Offidocs, chinesische Akteure, viele kleinere, unbekannte Datenbroker sowie ein mysteriöses Unternehmen namens ‚Big Star Labs‘, das offenbar ein Ableger von Similarweb ist“, heißt es im Forschungsbericht. Für die Analyse entwickelte der Forscher eine aut
    • 0 comments
    • 52 views
  90. Hacker News ·
    Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, andView the full article
    • 0 comments
    • 53 views
  91. CSOonline ·
    Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, and local network reconnaissance. Application security company OX Security published the findings this week, saying it had begun notifying vendors in June 2025 but received no response from three of the four maintainers. Three CVEs, CVE-2025-65717, CVE-2025-65715, and CVE-2025-65716, were f
    • 0 comments
    • 51 views
  92. CSOonline ·
    There’s too little a user can do when hit with a complex Android malware that comes preinstalled on their new smartphone or tablet. Security researchers at Kaspersky have flagged a multifaceted Android malware dubbed Keenadu that can ship preinstalled via device firmware, compromising users before they even complete setup. “Keenadu serves as a reminder that mobile malware isn’t just a bad app problem anymore, but rather a supply chain and firmware integrity problem,” said Nick Tausek, le
    • 0 comments
    • 58 views
  93. Hacker News ·
    In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability: AI-driven threats that adapt in real time, expandingView the full article
    • 0 comments
    • 71 views
  94. CSOonline ·
    Deutsche Bahn AG/Volker Emersleben Die Störungen der Auskunfts- und Buchungssysteme der Deutschen Bahn sind nach Unternehmensangaben auf einen Cyberangriff zurückzuführen. Inzwischen stehen die Systeme wieder zur Verfügung, wie die Bahn mitteilte. Über mögliche Urheber des Angriffs machte der Konzern keine Angaben. Schon am Dienstagnachmittag hatte es IT-Schwierigkeiten gegeben. Betroffen waren sowohl die Bahn-App «DB Navigator» als auch die Website bahn.de. Auf beiden Systemen können Ku
    • 0 comments
    • 282 views
  95. CSOonline ·
    Deutsche Bahn AG/Volker Emersleben Die Störungen der Auskunfts- und Buchungssysteme der Deutschen Bahn sind nach Unternehmensangaben auf einen Cyberangriff zurückzuführen. Inzwischen stehen die Systeme wieder zur Verfügung, wie die Bahn mitteilte. Über mögliche Urheber des Angriffs machte der Konzern keine Angaben. Schon am Dienstagnachmittag hatte es IT-Schwierigkeiten gegeben. Betroffen waren sowohl die Bahn-App «DB Navigator» als auch die Website bahn.de. Auf beiden Systemen können Ku
    • 0 comments
    • 279 views
  96. CSOonline ·
    For years, I was fortunate to live many years, earning enough budget to deploy cybersecurity programs. I worked the same playbook: run a risk assessment, show a few quick wins, build a business case and the budget would follow. It took effort, but after a few cycles, the process almost felt predictable. One recent experience changed everything. A new boss, a senior VP, came to me and said when I arrived to the role, “We need to be financially efficient. We need to reduce current-year expense
    • 0 comments
    • 55 views
  97. CSOonline ·
    CredShields announces that the OWASP Smart Contract Security Project has officially released the OWASP Smart Contract Top 10 2026, a risk prioritization framework derived from structured analysis of 2025 smart contract incidents representing hundreds of millions in contract related losses. CredShields, supported by its exploit intelligence platforms including SolidityScan and Web3HackHub, led the structured incident aggregation and impact-weighted pattern analysis informing this year’s ranki
    • 0 comments
    • 60 views
  98. Hacker News ·
    A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentialsView the full article
    • 0 comments
    • 61 views
  99. Hacker News ·
    Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comesView the full article
    • 0 comments
    • 59 views

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.