Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets
The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than…
Cyber Security
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from…
Digital Fraud at Industrial Scale: 2025 Wasn’t Great
Advanced fraud attacks surged 180% in 2025 as cyber-scammers used generative AI to churn out flawless IDs, deepfakes, and autonomous…
‘Dark LLMs’ Aid Petty Criminals, But Underwhelm Technically
As in the wider world, AI is not quite living up to the hype in the cyber underground. But it’s…
Prompt Injections Loom Large Over ChatGPT’s Atlas Browser
It’s the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt…
How Malware Authors Are Incorporating LLMs to Evade Detection
Cyberattackers are integrating large language models (LLMs) into the malware, running prompts at runtime to evade detection and augment their…
Enterprises Aren’t Confident They Can Secure Non-Human Identities (NHIs)
More than half of organizations surveyed aren’t sure they can secure non-human identities (NHIs), underscoring the lag between the rollout…
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist
South Korea’s financial sector has been targeted by what has been described as a sophisticated supply chain attack that led…
A Strategic Budget Blueprint for DPDP Compliance: Phased Investment for Risk Reduction and Operational Readiness
India’s Digital Personal Data Protection (DPDP) Act represents a significant regulatory shift that affects every Data Fiduciary handling the personal…
When Your $2M Security Detection Fails: Can your SOC Save You?
Enterprises today are expected to have at least 6-8 detection tools, as detection is considered a standard investment and the…