AI/MLMalicious bots now make up more than a third of web trafficLaura FrenchApril 15, 2025About 44% of advanced bot traffic targets APIs, according to the Imperva 2025 Bad Bot Report.
Vulnerability ManagementMITRE support expires for ‘pillar of cybersecurity industry,’ CVE programShaun NicholsApril 15, 2025DHS contract to operate the Common Vulnerabilities and Exposures (CVE) Program will expire on April 16.
Critical Infrastructure SecurityChina’s allegation that NSA hacked Asian Winter Games draws suspicionSteve ZurierApril 15, 2025Experts say companies need to step up cybersecurity during ongoing U.S.-China tensions.
RansomwareBlack Basta chat leaks reveal details on ransomware infrastructureShaun NicholsApril 15, 2025In addition to the insight into the Black Basta, report shows Clop had nearly 400 victims in Q1.
AI/MLGenAI vulnerabilities fixed only 21% of the time after pentestingLaura FrenchApril 14, 2025Cobalt’s State of Pentesting Report 2025 reveals how GenAI security lags behind adoption.
Vulnerability ManagementTycoon 2FA phishing kit adds stealth, expands to mobile devicesSteve ZurierApril 14, 2025The phishing-as-a-service (PaaS) kit targets Microsoft 365 and Gmail environments.
AI/MLFounder of e-commerce firm hit with fraud charge for lying about AI techShaun NicholsApril 11, 2025The $40 million startup was relying on manpower in the Philippines to run the so-called "AI" tool.
Threat IntelligenceBlack Basta-like Microsoft Teams phishing leads to novel backdoorLaura FrenchApril 11, 2025A new PowerShell backdoor and persistence technique that hijacks TypeLib were discovered.
NetworkingPalo Alto confirms brute-force attacks on PAN-OS GlobalProtect gatewaysSteve ZurierApril 11, 2025PAN points out that to date, the brute-force attacks have not led to exploitation.
IdentityIdentity is the new security architecture, says former CISA director EasterlyTom Spring April 10, 2025Easterly warns that without intelligent identity systems, AI-fueled cyberattacks will outpace defenses.
