China’s ‘FamousSparrow’ APT Nests in South Caucasus Energy Firm
The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond…
Cyber Security
AI Agents Generate Custom Hacking Tools on the Fly
Two threat campaigns heavily leveraged AI agents to support attacks against entities in Mexico and Brazil.
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a “multi-wave intrusion” targeting an unnamed Azerbaijani oil and…
[Webinar] Why Your AppSec Tools Miss the “Lethal Path” (and How to Fix It)
TL;DR: Stop chasing thousands of “toast” alerts. Join experts from Wiz and Okta/GitLab to learn how hackers connect tiny flaws…
Most Remediation Programs Never Confirm the Fix Actually Worked
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays…
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed…
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than…
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated…
Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good…
It’s Patch Tuesday for Microsoft and Not a Zero-Day In Sight
It’s the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones,…