Latest News

Palo Alto Networks has conducted an analysis of malicious LLMs that help threat actors with phishing, malware development, and reconnaissance. 

Hackers stole corporate data such as accounting records and legal agreements, but did not deploy file-encrypting ransomware.

The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories.

More than 100 alleged victims of the Oracle EBS campaign have been added to the Cl0p ransomware website.

CISA has added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) catalog. 

The company has confirmed that it terminated an insider who shared screenshots of his computer with cybercriminals.

Without proper security controls, AI agents could perform malicious actions, such as data exfiltration and malware installation.

The Cl0p ransomware group has listed Mazda and Mazda USA as victims of the Oracle EBS campaign on its leak website.

The company has notified its customers of the incident roughly a week after a threat actor claimed the theft of 77GB of data from Iberia’s systems.

Names, Social Security numbers, ID numbers, and health information were stolen from a compromised email account.

More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers.

CrowdStrike became a global partner of Mercedes’ F1 team in 2019, but Kurtz’s purchase into the ownership group was his personally.

Other noteworthy stories that might have slipped under the radar: surge in Palo Alto Networks scanning, WEL Companies data breach impacts 120,000 people, AI second-order prompt injection attack.

CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.

The number of participants in the cyber and physical grid security exercise increased by nearly 50% compared to two years ago.