PhishingClickFix attacks surge as exploits see drop in popularityShaun NicholsJune 18, 2025Threat actors have been increasingly relying on social engineering tactics such as ClickFix scams to lure victims into infecting their systems with malware
AI/ML42% of AI-using devs say at least half of their codebase is AI-generatedLaura FrenchJune 18, 2025Only 67% of developers said they review AI-generated code before deployment.
Application securityGodFather banking malware creates virtual environment on victim devicesSteve ZurierJune 18, 2025Malware observed targeting Turkish banks and scanning nearly 500 apps globally.
PhishingCybercriminals use SEO tricks to push phishing pagesShaun NicholsJune 18, 2025Search Engine Optimization (SEO) has become the latest tool for attackers looking to lure in targets for phishing attacks
Cloud SecurityHalf of organizations struggle to locate backup data, report findsLaura FrenchJune 17, 2025Outdated cloud backup management strategies pose data loss and ransomware risks.
RansomwareScattered Spider group attacking US insurance industry, Google saysSteve ZurierJune 17, 2025Ransomware group sets its sights on insurance sector after targeting retail.
Critical Infrastructure SecurityAlerts for flaws in industrial control systems include Siemens, AvevaShaun NicholsJune 16, 2025CISA issued a handful of alerts to address vulnerabilities in 10 industrial control appliances.
Threat IntelligenceFIN7-linked threat group impersonates 7-Zip, software updatesLaura FrenchJune 16, 2025GrayAlpha uses custom loaders to deploy the NetSupport RAT backdoor.
DevOpsPyPI repositories targeted by malicious ‘Chimera-Sandbox Extensions’Steve ZurierJune 16, 2025Bad package takes aim at AI apps that contain MacOS data, CI/CD pipelines, and AWS tokens.
Vulnerability ManagementHouse Dems call for review of U.S. government cybersecurity programsShaun NicholsJune 13, 2025The House Democrats asked for a full assessment of the NVD and CVE systems.
