SecurityWeek

President Donald Trump has unveiled a sweeping new plan for America’s “global dominance” in artificial intelligence.

More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.

AI voice clones can impersonate people in a way that Altman said is increasingly “indistinguishable from reality” and will require new methods for verification.

Experts unpack the risks of trusting agentic AI, arguing that fallibility, hype, and a lack of transparency demand caution—before automation outpaces our understanding.

French authorities announced that an alleged admin of XSS.is, one of the longest-running cybercrime forums, has been arrested in Ukraine.

Critics warn that a ban on ransomware payments may lead to dangerous unintended consequences, including forcing victims into secrecy or incentivizing attackers to shift tactics.

Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data.

The US government has issued an alert on the Interlock ransomware, which targets organizations via drive-by download attacks.

Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.

Fresh security updates for Chrome and Firefox resolve multiple high-severity memory safety vulnerabilities.

The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure.

Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.

CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.

Once a manageable function, security operations has become a battlefield of complexity.

Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information.

Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers. 

AI-powered cybersecurity company Darktrace has acquired network traffic visibility provider Mira Security.

Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised.

The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and EU.