Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to “certain” internal…
Cyber Security
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it’s suspending operations after it…
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on…
How NIST’s Cutback of CVE Handling Impacts Cyber Teams
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST’s decision to cut back on…
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
In embracing device code phishing, attackers trick victims into handing over account access by using a service’s legitimate new-device login…
Every Old Vulnerability Is Now an AI Vulnerability
AI’s danger isn’t that it’s creating new bugs, it’s that it’s amplifying old ones.
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges…
Coast Guard’s New Cybersecurity Rules Offers Lessons for CISOs
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid…
How Addressing Cloud Misconfigurations Disrupts the Cyber Kill Chain
In this post, I will show you how addressing cloud misconfigurations disrupts the cyber kill chain. Cloud environments offer speed…
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud,…