Application Security Engineer Liebherr Group | Germany | On-site – View job details As an Application Security Engineer, you will implement security testing tools such as SAST, DAST, and IAST, perform vulnerability assessments and penetration testing, and collaborate with developers to remediate issues and enforce secure coding practices. You will automate security testing in CI/CD…
Tag: Group
AI, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management, Venture
Blind Men and the Elephant: the story of cybersecurity
Blind men and the elephant: There’s an old story about a group of blind people who come across an elephant for the first time. Since they can’t see it, each of them tries to understand what it is by touching a different part. One person grabs the trunk and says the elephant is like a…
AI, Exploits, Global Security News
Storm-1175 Deploys Medusa Ransomware at ‘High Velocity’
Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns predicated on speed.
AI, Exploits, Global Security News, Russia
Russian hackers hijack internet traffic using vulnerable routers
The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s National Cyber Security Centre (NCSC) has warned. Attackers are exploiting vulnerable routers to alter DHCP and DNS settings, redirecting traffic through servers they control. “We assess that APT28 is almost certainly the Russian General…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
Microsoft has warned that Storm-1175, a cybercrime group linked to Medusa ransomware, is exploiting vulnerable web-facing systems in fast-moving attacks, at times moving from initial access to data theft and ransomware deployment within 24 hours. The company said the group has heavily targeted organizations in healthcare, education, professional services, and finance across Australia, the UK,…
Global Security News
Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware
AI, Global Security News
Naitiv Launches AI-Focused ServiceNow Consultancy
A group of former Thirdera executives has launched Naitiv, a new ServiceNow-focused consultancy designed to help enterprises operationalize AI, starting with the insurance sector. We spoke with Naitiv CEO Jon Reynolds and Managing Partner Bill Devine about the launch and why the consultancy is committed to the ServiceNow platform as it scales support. Naitiv launches…
china, Exploits, Global Security News
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. […]
AI, Global Security News, malware
UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.
AI, Global Security News
Die Linke German political party confirms data stolen by Qilin ransomware
The Qilin ransomware group has claimed responsibility for an attack against Die Linke (‘The Left’), forcing an IT systems outage at the political party, and threatening sensitive data leak. […]
AI, Cybersecurity, Exploits, Global Security News, malware
Akira ransomware group can achieve initial access to data encryption in less than an hour
The Akira ransomware group has compromised hundreds of victims over the past year with a well-honed attack lifecycle that has whittled down the time from initial access to encryption of data to less than four hours, according to cybersecurity firm Halcyon. Akira has been active since 2023, racking up at least $245 million in ransom…
AI, Apps, Cloud Security, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
Alleged Starbucks Incident Exposes Code and Firmware
A threat group is claiming to have breached Starbucks and stolen 10GB of sensitive data, including proprietary source code and firmware tied to its in-store machines and global operations. The group, ShadowByt3s, alleges it accessed a misconfigured Amazon S3 bucket and is now threatening to leak the data unless a ransom is paid. “The leak…
AI, china, Europe, Global Security News, Government & Policy, malware, Russia
European-Chinese geopolitical issues drive renewed cyberespionage campaign
A Chinese cyberespionage group has shifted its gaze back to Europe after years of focusing on other parts of the world, Proofpoint research published Wednesday found. The surge began in mid-2025, with a bevy of issues bubbling up between China and Europe, the company said. Proofpoint labels the government-linked group TA416, but other companies track…
AI, Exploits, Global Security News, malware
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069
Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain. Google has attributed the recent Axios npm supply chain compromise to a North Korean threat group tracked as UNC1069. The attack, aimed at financial gain, exploited the package to target developers and organizations relying on Axios. John Hultquist…
Europe, Global Security News
Chinese Hackers Target European Governments in Espionage Campaigns
Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint
AI, Apps, Europe, Global Security News, Government & Policy, privacy, Russia
Euro-Office billed as Europe’s sovereign alternative to Microsoft Office
A group of European technology firms has launched a new open-source office suite aimed at offering a sovereign alternative to Microsoft Office. Euro-Office consists of four core applications — a document editor, spreadsheet program, presentation tool, and PDF editor — and is built on the open-source OnlyOffice suite. It supports Microsoft Office file formats DOCX,…
AI, Data Security, Global Security News
Nearly half a million mobile customers of Lloyds Banking Group affected by security incident
Lloyds Banking Group data incident exposed transactions of ~450,000 mobile banking users due to a faulty update. A faulty software update at Lloyds Banking Group exposed transaction details of nearly 450,000 mobile banking users on March 12. The issue caused some customers to see other users’ account activity within the app, prompting the bank to…
Global Security News
Lloyds Group to Compensate 450,000 Customers After App Glitch
Lloyds Banking Group to compensate 450,000 customers after app glitch exposed data. Find out how the glitch affected…
AI, Data Breaches, Europe, Global Security News, Government & Policy, malware, Risk Management
Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account
Iran-linked group Handala claims it hacked FBI Director Kash Patel’s personal email, leaking files. The FBI says no government data was exposed. Iran-linked hacking group Handala claims it breached FBI Director Kash Patel’s personal Gmail account and shared alleged data, including photos and files. The FBI confirmed it is aware of the incident and has…
AI, Apps, Global Security News, privacy
Lloyds Bank reveals how IT bug exposed transaction data
Lloyds Banking Group has identified the glitch that led to some of its customers being able to see details of other customers’ transactions on March 12. It revealed the information in a letter to the UK Parliament’s Treasury Committee, setting out the details of the incident and how it has been handled. The issue arose…
AI, Global Security News, Russia
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. “Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon…
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered that a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly…
Global Security News
Iran-Linked Pay2Key Ransomware Group Re-Emerges
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
AI, Apps, Compliance, Global Security News, privacy, Risk Management
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android
Posted by Eric Lynch, Product Manager, Android and Dom Elliot, Group Product Manager, Google Play Modern digital security is at a turning point. We are on the threshold of using quantum computers to solve “impossible” problems in drug discovery, materials science, and energy—tasks that even the most powerful classical supercomputers cannot handle. However, the same…
AI, Europe, Global Security News
Njordium AI blocks fake invoices and fraudulent payments
Njordium Cyber Group has launched its new AI Fraud Detection Module, a self-learning AI engine integrated into the recently released Vendor Management System (VMS). The module instantly detects and neutralises fake invoices, phantom services or products, and inflated pricing. Fully transparent and compliant with the EU AI Act, it delivers a regulator-aligned solution to Europe’s…
AI, Data Breaches, Global Security News, Risk Management
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca
Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group claims it breached AstraZeneca, stealing about 3GB of sensitive data. The alleged leak includes credentials, tokens, internal code repositories (Java, Angular, Python), and employee information, though the company has not yet confirmed the breach. Even…
AI, Global Security News
Popular LiteLLM PyPI package compromised in TeamPCP supply chain attack
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. […]
Global Security News
FBI Warns of Iran’s Handala Hack Group Using Fake Apps to Spy on Windows Users
The FBI has issued a warning about Iran-linked Handala Hack Group, targeting Windows users through fake versions of WhatsApp and Telegram.
AI, Compliance, Endpoint, Exploits, Global Security News, Government & Policy, Risk Management
HP launches TPM Guard to help defeat physical TPM attacks
The Trusted Platform Module (TPM), developed by the Trusted Computing Group (TCG), is a mandatory security component in any computer running Windows 11. It stores sensitive information such as encryption keys in a separate, secure chip, passing it to the CPU as required. However, there’s a problem. If an attacker can get physical access to…
Global Security News
Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals
The FBI has warned that Iranian hacking group Handala has been targeting opponents of the regime since 2023
Global Security News
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. […]
AI, Global Security News
Amazon Collaborates With NVIDIA on Advanced AI Assistants for Cars
The technology could help automakers build AI assistants that understand group conversations and what’s happening around the car.
AI, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language. Experts say the wiper campaign against Iran materialized this…
AI, Cybersecurity, Data Breaches, Funding, Global Security News, Network Security
WorldLeaks ransomware group breached the City of Los Angeles
WorldLeaks group hit Los Angeles and its Metro system, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks. WorldLeaks group hit Los Angeles and its Metro, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks. This week, local media reported that an unauthorized activity hit Metro’s internal…
Global Security News, Network Security
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
AI, Global Security News
LeakNet ransomware: what you need to know
A ransomware gang that claims to be a group of “investigative journalists”? Meet LeakNet – the group using fake CAPTCHA pages to trick employees into hacking themselves. Read more in my article on the Fortra blog.
Global Security News
FBI seizes Handala data leak site after Stryker cyberattack
The FBI has seized two websites used by the Handala hacktivist group after the threat actors conducted a destructive cyberattack on medical technology giant Stryker that wiped approximately 80,000 devices. […]
Exploits, Global Security News
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says
AI, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security
Interlock group exploiting the Cisco FMC flaw CVE-2026-20131 36 days before disclosure
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…
AI, Apps, Global Security News, Venture
Databricks, Accenture Double Down On Enterprise AI Buildout
Databricks and Accenture are rolling out a joint business group to help companies move beyond the pilot phase and into AI that’s actually up and running. Business group focuses on scaling AI applications through data and consulting expertise. The two companies said the group will focus on building and scaling AI applications and agents, combining…
AI, Global Security News, Government & Policy
SideWinder Espionage Campaign Expands Across Southeast Asia
The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access.
Global Security News, Network Security
Launchd Acquires WeAreTENZING as ANZ Creator Economy Spend Nears $1 Billion
COMPANY NEWS: Launchd, Australia’s leading talent-first creator economy group, has acquired WeAreTENZING, one of New Zealand’s most respected talent agencies, bringing together two of the region’s most influential creator networks at a moment of rapid market acceleration.
AI, Global Security News, Risk Management
Stop building security goals around controls
In this Help Net Security interview, Devin Rudnicki, CISO at Fitch Group, argues that security strategy fails when it loses its connection to business outcomes. Rudnicki walks through how to align security goals with corporate priorities, why CISOs must present risk in terms leadership can act on, and how to balance innovation speed with measured…
Global Security News, Network Security
Warlock Ransomware Group Augments Post-Exploitation Activities
In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools.
AI, Cybersecurity, Europe, Global Security News, Network Security
Indigo Appoints Ilex Content Strategies as its Marketing and Communications Agency of Record
Indigo Telecom Group, a strategic partner for critical digital infrastructure, has appointed Ilex Content Strategies, a global B2B marketing and communications agency, as its marketing and communications agency of record. Ilex will support brand and messaging development, account-based marketing, content creation, internal communications, and Borderless PR as Indigo drives global growth. Indigo serves critical digital infrastructure providers, from…
AI, Global Security News
Pattern Launches End-To-End Generative Engine Optimisation Framework for Australian Brands
Pattern Group Inc. (Nasdaq: PTRN) (“Pattern”), a leader in accelerating brands on global ecommerce marketplaces by leveraging proprietary technology and AI, today announced the launch of two new tools designed to facilitate and measure brand discovery through emerging AI platforms. Together, Pattern’s proprietary Large Language Model (LLM) Access Audit and Generative Engine Optimisation (GEO) Scorecard…
AI, china, Endpoint, Global Security News, malware, Network Security
CL-STA-1087 targets military capabilities since 2020
China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted Southeast Asian military organizations since at least 2020, using AppleChris and MemFun malware. “The activity demonstrated strategic operational patience and a focus on highly targeted intelligence collection, rather than bulk…
AI, Data Breaches, Global Security News, malware
Payload Ransomware claims the hack of Royal Bahrain Hospital
The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. The Payload Ransomware group claims to have hacked the Royal Bahrain Hospital (RBH) and stolen 110 GB of data. The ransomware gang added the healthcare facility to its Tor data leak site and published the images…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
AiLock Ransomware Claims England Hockey Data Breach
England Hockey is investigating a potential cyberattack after a ransomware group claimed to have stolen sensitive data from its systems and threatened to publish it online. The AiLock ransomware gang recently listed the organization on its public data leak site, claiming to have exfiltrated large volumes of internal data as part of the attack. “We…
AI, Global Security News, malware, Network Security, Risk Management
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor…
AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
Microsoft has warned enterprises that cybercriminal group Storm-2561 is hijacking search engine results to serve trojanized VPN clients, stealing corporate credentials, and then covering its tracks before victims suspect anything is wrong. The group pushes spoofed websites to the top of results for queries such as “Pulse VPN download” or “Pulse Secure client,” redirecting users…
AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Politics, Russia
Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict
A cyberattack that an Iranian hacking group said it carried out against medical device manufacturer Stryker might mark Tehran’s first significant cyber action since the start of the joint U.S.-Israel conflict. But even that may have been a happy accident for Iranian hackers in what has been a low buzz of activity during that timeframe,…
AI, Global Security News
€1 million online fraud scheme uncovered, three suspects arrested
A criminal group suspected of running an online fraud scheme in Germany, which defrauded victims of around €1 million, has been dismantled through judicial cooperation coordinated by Eurojust. On 10 March, German and French authorities arrested three suspects in a joint operation. The main suspect, located in France, appeared before a judge after an arrest…
AI, Global Security News
War spreads into cyberspace after Iran-linked hackers hit medtech giant Stryker
An Iran-linked hacking group has claimed responsibility for a cyberattack on U.S. medical device giant Stryker, marking a potential escalation of cyber activity tied to the ongoing conflict in the Middle East. Stryker confirmed in a Form 8-K filing with the SEC that a cyberattack caused a global disruption to its Microsoft systems. The Wall…
AI, Global Security News, malware
Iran Claim Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker
AI, Cybersecurity, Global Security News, Network Security
Stop fixing OT security with IT thinking
In this Help Net Security interview, Ejona Preçi, Group CISO at Lindal Group, discusses the specific cybersecurity challenges in manufacturing environments. The conversation covers why standard IT security practices break down on shop floors, where PLCs and decade-old firmware were never designed to be networked. She explains how nation-state actors quietly settle into industrial networks,…
AI, Global Security News, Government & Policy, malware, Network Security
Pro-Palestinian hacktivist group Handala targets Stryker in global disruption
Pro-Palestinian hacktivist group Handala claims a cyberattack on Stryker, alleging it wiped 200,000 systems and disrupted global operations. Pro-Palestinian hacktivist group Handala claims responsibility for a disruptive cyberattack against medical technology firm Stryker. “Medical technology giant Stryker is experiencing a global outage across its systems after a cyberattack early Wednesday. Staff and contractors report that…
AI, Data Breaches, Global Security News
ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites
Salesforce customers have, once again, been targeted by the ShinyHunters group – or, at least, it’s what the group claims. Attackers modified and abused benign tool. On Saturday, Salesforce confirmed that its security team has identified an attack campaign by unnamed malicious actors looking to access customers’ data. The attackers are not leveraging a vulnerability…
AI, Compliance, Cybersecurity, Global Security News, Network Security, Politics
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at…
Global Security News
Nvidia to Invest $2 Billion in Nebius to Expand AI Cloud Infrastructure
Nvidia will invest $2 billion in Nebius Group as part of a strategic partnership to expand artificial-intelligence cloud infrastructure.
Apps, Global Security News, malware, Russia
BlackSanta Malware Targets HR Staff with Fake CV Downloads
Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows.
Global Security News, Government & Policy
Macquarie Technology Group secures A$200m investment from National Reconstruction Fund Corporation
Macquarie Technology Group Limited (ASX: MAQ) (the “Company”) announced that it has secured a A$200m hybrid investment from National Reconstruction Fund Corporation (NRFC). The NRFC is a sovereign investor established by the Australian Government to invest in Australian businesses to support nationally significant technological innovation, digital infrastructure, defence, and national security. It works to transform…
Global Security News
Fake LinkedIn Interview Used by Lazarus Hackers to Target AllSecure CEO
Researchers at AllSecure have revealed how North Korean hackers from the Lazarus Group used a fake LinkedIn job interview and deepfake technology to target their CEO.
AI, Global Security News, malware, Russia
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in a new report shared with The Hacker News. APT28, also tracked as…
AI, Global Security News
ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Exploits, Global Security News, Russia
APT28 hackers deploy customized variant of Covenant open-source tool
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. […]
AI, Global Security News
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a “high-volume, mediocre mass of implants” that are developed using lesser-known programming languages like Nim, Zig, and Crystal and rely on trusted…
AI, Global Security News, Network Security
Iran-linked APT targets US critical sectors with new backdoors
An Iran-linked hacking group has been active inside the networks of several US organizations since early February, raising concerns that the activity could precede broader cyber operations connected to escalating geopolitical tensions in the Middle East. New backdoors used by Seedworm: Symantec and Carbon Black researchers have attributed the activity to Seedworm (aka MuddyWater), an…
AI, Apps, Endpoint, Global Security News, Government & Policy, malware, Network Security
Iran-nexus APT Dust Specter targets Iraq officials with new malware
A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Specter to a campaign targeting Iraqi government officials. Threat actors impersonated the country’s Ministry of Foreign Affairs in phishing messages that delivered previously unseen malware, including SPLITDROP, TWINTASK, TWINTALK,…
Global Security News, malware
Nation-State Actor Embraces AI Malware Assembly Line
Pakistan’s APT36 threat group has begun using vibe-coding to churn out mediocre malware, but at a scale that could overwhelm defenses.
AI, Global Security News
Pakistan-Linked APT36 Floods Indian Govt Networks With AI-Made ‘Vibeware’
Bitdefender research reveals Pakistani group APT36 is using AI-generated vibeware and trusted cloud services like Google Sheets to target Indian officials.
Exploits, Global Security News
Google says 90 zero-days were exploited in attacks last year
Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances. […]
AI, china, Europe, Exploits, Global Security News, Government & Policy, Network Security
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, an APT group tied to the China-linked group APT41, targeting government entities in Europe and Southeast Asia since mid-2024. The group gains initial access by exploiting…
Data Breaches, Europe, Global Security News, Risk Management
Njordium Vendor Management System eliminates duplicate third-party assessments
Njordium Cyber Group has launched its Vendor Management System (VMS), a platform that eliminates the costly duplication of third-party assessments under Europe’s overlapping regulations. 70% of European organisations suffered a data breach in the past three years, and 77% of those breaches originated with a vendor or third party (Whistic, Third-Party Risk Management 2025 Impact…
AI, Cybersecurity, Europe, Exploits, Global Security News
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. “Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point…
Exploits, Global Security News, Network Security
Project Compass Targets 764 Network as 30 Arrested and Victims Rescued
Europol’s Project Compass targets The Com (aka 764 network), an online group exploiting minors. After 30 arrests, officials say the hunt for those involved is far from over.
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security
ShinyHunters leaked the full Odido dataset
Cybercrime group ShinyHunters leaked the full Odido dataset; the Netherlands is facing the biggest data leak in its history. Odido is a Dutch telecommunications company and one of the largest mobile network operators in the Netherlands. It was formed when T-Mobile Netherlands and Tele2 were rebranded as Odido in 2023 after private equity firms Apax Partners and Warburg Pincus…
Global Security News
Macquarie Technology delivers twenty-two consecutive halves of EBITDA growth
COMPANY NEWS: Macquarie Technology Group Ltd (ASX: MAQ) (the Company) today announced its results for the half-year ended 31 December 2025, which were in line with guidance.
AI, Apps, china, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security
China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries
Google has disrupted a China-linked espionage group that used Google’s spreadsheet application as a covert spy tool to compromise telecom providers and government agencies across 42 countries, sending commands and receiving stolen data through it, Google’s Threat Intelligence Group (GTIG) said on Thursday. Working with Mandiant, GTIG confirmed intrusions at 53 organizations across 42 countries,…
AI, APAC, china, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
Google and partners disrupted UNC2814, a suspected China-linked group that hacked 53 organizations across 42 countries. Google, with industry partners, disrupted the infrastructure of UNC2814, a suspected China-linked cyber espionage group that breached at least 53 organizations in 42 countries. The group has been active since at least 2017, and was spotted targeting governments and…
AI, Global Security News, Government & Policy, Network Security
Chinese cyberspies breached dozens of telecom firms, govt agencies
Google’s Threat Intelligence Group (GTIG), Mandiant, and partners disrupted a global espionage campaign attributed to a suspected Chinese threat actor that used SaaS API calls to hide malicious traffic in attacks targeting telecom and government networks. […]
AI, APAC, Global Security News, Government & Policy, malware
Lazarus APT group deployed Medusa Ransomware against Middle East target
North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet and Pompilus, has been spotted deploying Medusa ransomware against an unnamed organization in the Middle East, according to a new report from the Symantec and Carbon Black…
AI, Europe, Global Security News
Phishing campaign targets freight and logistics orgs in the US, Europe
A financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. […]
Global Security News
North Korean Lazarus Group Adopts Medusa Ransomware in Global Attacks
Lazarus Group is now using Medusa ransomware in attacks on healthcare and social services, signaling a move toward profit-focused cybercrime.
Global Security News
Lazarus Group Picks a New Poison: Medusa Ransomware
The North Korean threat group also leveraged Comebacker backdoor, Blindingcan RAT, and info stealer Infohook in its recent attacks.
Global Security News
CarGurus data breach exposes information of 12.4 million accounts
The ShinyHunters extortion group has published personal information in more than 12 million records allegedly stolen from CarGurus, a U.S.-based digital auto platform. […]
AI, Global Security News
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom’s threat intelligence division said it also identified the same threat actors mounting an…
Global Security News
North Korean Lazarus group linked to Medusa ransomware attacks
North Korean state-backed hackers associated with the Lazarus threat group are targeting U.S. healthcare organizations in extortion attacks using the Medusa ransomware. […]
Global Security News, Government & Policy
Spain arrests suspected hacktivists for DDoSing govt sites
Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutions. […]
AI, Global Security News
Iran’s MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
The long-active Iranian threat group debuted various attack strains and payloads in attacks against organizations in the Middle East and Africa.
AI, Global Security News, Government & Policy
Spanish police arrest suspected Anonymous members over DDoS attacks on government sites
Spanish police (Guardia Civil) arrested four members of the hacktivist group Anonymous Fénix over DDoS attacks targeting ministries, political parties and public institutions. Police identified the organization’s leadership, including its administrator and moderator, who were arrested in May 2025 in Alcalá de Henares (Madrid) and Oviedo (Asturias). Evidence gathered during…
AI, Data Breaches, Global Security News
Hacker steals data of thousands of RTL employees
A hacker has gained access to RTL employee data. The RTL Group has apparently fallen victim to a cyberattack. As Cybernews reports, a cybercriminal named LuneBF is boasting about stolen data of more than 27,000 employees of the media group. In his darknet post, the attacker claims to have gained access to the RTL Group's intranet website…
AI, Global Security News, malware
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and individuals mainly located across the Middle East and North Africa (MENA) region as part of a new campaign codenamed Operation Olalampo. The activity, first observed on January 26, 2026, has resulted in the deployment of new…
AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security
FBI: Threats from Salt Typhoon are ‘still very much ongoing’
A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat to both America’s private and public sectors. Michael Machtinger, deputy assistant director for cyber intelligence at the FBI, touted improved partnerships between the telecommunications industry and…
AI, APAC, Apps, china, Endpoint, Exploits, Global Security News, malware, Network Security
Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years
For the past 18 months, a Chinese cyberespionage group has been exploiting a previously unknown vulnerability in Dell’s RecoverPoint for Virtual Machines, a VM disaster recovery solution. The flaw, patched by Dell this week, allows unauthenticated attackers to gain command execution on the underlying OS as root. The vulnerability, tracked as CVE-2026-22769, stems from hardcoded…
AI, china, Exploits, Global Security News, Network Security
China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)
A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024, according to new research from Google’s threat intelligence team and Mandiant. The attackers deployed stealthy backdoors (BRICKSTORM and GRIMBOLT), a webshell (SLAYSTYLE) and maintained long-term access inside targeted networks. “Beyond…
AI, china, Exploits, Global Security News, malware, Risk Management
China-linked APT weaponized Dell RecoverPoint zero-day since 2024
A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked APT group quietly exploited a critical zero-day flaw in Dell RecoverPoint for Virtual Machines starting in mid-2024. “Mandiant and Google Threat Intelligence Group (GTIG) have identified…
APAC, Global Security News
Successful upsizing of debt capacity from $450 million to $500 million
Macquarie Technology Group Limited (ASX: MAQ) is pleased to announce the successful completion of a $50 million incremental debt facility, increasing MAQ’s secured revolving loan facility to $500 million.
Exploits, Global Security News
Chinese hackers exploiting Dell zero-day flaw since mid-2024
A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks that started in mid-2024. […]
