State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily…
Tag: reveals
Cybersecurity, Global Security News
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.
Global Security News
Organizations knowingly ship vulnerable code amid shrinking exploit windows
New research from Checkmarx reveals that 75% of organizations admit to frequently or sometimes deploying code they are aware is vulnerable.
AI, Exploits, Global Security News
Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours.
Global Security News
Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
Barracuda reveals new CypherLoc scareware has featured in nearly three million attacks
AI, Global Security News
Agentic AI Accelerates Software Builds and Mobile App Attacks
Digital.ai data reveals 87% of apps were attacked over the past year
AI, china, Global Security News
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…
Global Security News, malware
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations.
AI, Global Security News
TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages
Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.
Global Security News, malware
Malicious Hugging Face Repository Typosquats OpenAI
HiddenLayer reveals infostealer malware in a Hugging Face repository
Global Security News
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
Rapid7 reveals an Iranian false flag operation masquerading as a Chaos ransomware attack
AI, Global Security News
realestate.com.au attracts the buyer for 9 in 10 listed homes that sell on the platform
New PropTrack data reveals the impact realestate.com.au has on property sales, with the platform helping Australian buyers find ‘the one’
AI, Global Security News, malware
Lotus Wiper Attack Targeted Venezuelan Energy Firms, Utilities
An analysis of the destructive malware reveals sophisticated living-off-the-land (LotL) techniques and detailed strategies for the widespread deletion of data.
Global Security News
A Quarter of Healthcare Organizations Report Medical Device Cyber-Attacks
RunSafe report reveals most attacks on medical devices disrupt patient care
Global Security News
Inside an OPSEC Playbook: How Threat Actors Evade Detection
Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separation, and long-term evasion strategies. […]
AI, Funding, Global Security News, Government & Policy, Risk Management
The Victorian Government will allocate $3.5 million – Technology Driven Safety Security Measures for Family Violence Victims and Survivors
The funding announcement comes as new data reveals an 8% increase in family and domestic violence offenders over the past financial year, reinforcing the scale and persistence of the issue across the state. Against this backdrop, the latest investment focuses on practical, immediate protections designed to reduce risk for those most vulnerable.
Global Security News
Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts
Research from Infoblox reveals a massive Click2SMS fraud scheme using fake CAPTCHAs and back button hijacking to trick victims into sending costly international texts.
AI, Endpoint, Global Security News, Government & Policy, malware, Network Security, Russia
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of the clearest examples of how ransomware has become an organized marketplace, with sellers, buyers, brokers, and recruiters all playing different roles in the…
Global Security News
Mustang Panda Hits India and S. Korea with Updated LOTUSLITE Backdoor
Acronis reveals Mustang Panda is using a new LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.
AI, Global Security News, malware
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally.
Global Security News
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
In cybercrime markets, trust isn’t assumed, it’s verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data quality, reputation, and survivability. […]
Global Security News
13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds
A new Qrator Labs report reveals that the largest DDoS botnet has grown to 13.5 million devices, and…
AI, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy
5 trends defining the future of AI-powered cybersecurity
The new N-able and Futurum Report reveals how AI is reshaping cyber resilience as it accelerates both business innovation and adversarial tradecraft. Attackers are scaling their operations with unprecedented speed, leveraging automation to bypass traditional defenses. For IT security leaders and MSP owners, the days of relying on static, perimeter-based security are over. To stay…
AI, APAC, Global Security News
Nearly 80% of Enterprises Say AI Is Held Back by Data Access Challenges, New Cloudera Report Finds
GUEST RESEARCH: Cloudera’s latest global survey, The Data Readiness Index, reveals a growing “AI readiness illusion,” where widespread adoption outpaces the data foundations required to deliver real business impact. In APAC, 85% of organisations claim to have complete visibility over where their data resides, but 38% struggle to use their data effectively due to complicated…
AI, Global Security News
Your Employees Aren’t Ready For AI — And It’s A Problem
Forrester’s AIQ Reveals Severe Gaps In Employee Readiness For AI
AI, Global Security News
Solving Tech Debt Unlocks 3x Digital Revenue Boost for Australia’s AI Leaders, Finds New Research
Latest research reveals technical debt blocks AI success in Australia, but cohort of leaders is overcoming it to unlock AI and drive three times more digital revenue than peers
AI, Global Security News
Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs
SANS Institute reveals that AI agents are behind a 76% surge in non-human identities
Global Security News, Russia
Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying
Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying.
Global Security News, Risk Management
AI Agents and Non-Human Identities Creating Critical Security Gaps, Report
New research from Keeper Security, reveals non-human identities and automated system-to-system interactions are becoming the top security risk for businesses in 2026.
Global Security News
Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts
New research from Varonis Threat Labs reveals Storm infostealer, a malicious subscription service that bypasses Google Chrome encryption.…
Global Security News, Network Security
ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers
New research from Octagon Networks reveals a critical zero-day ImageMagick vulnerability that allows Remote Code Execution (RCE) via simple image uploads affecting Ubuntu, Amazon Linux, and WordPress. This magic byte shift bypasses even the most secure policies.
Cybersecurity, Global Security News, privacy
The Cybersecurity Trust Reality in 2026
New Sophos survey reveals only 5% of IT leaders say they fully trust their cybersecurity vendors Categories: Products & Services, Sophos Insights Tags: Trust, Privacy, Trust Center
Compliance, Data Breaches, Global Security News
Kernel Observability for Data Movement
Kernel-level visibility reveals hidden data movement in breaches, exposing gaps in modern security tools and improving detection, compliance, and system behavior tracking.
AI, Global Security News
Amazon launches new education initiatives to support Aussie teachers and students thrive in a digital future
New research reveals 96% of teachers would take part in free AI training, but only 32% of teachers have access to approved tools they can use in the classroom. Amazon and Tech Futures Australia launch nationwide programs to help bridge this gap.
AI, Global Security News
Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users
7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected.
Global Security News, Government & Policy, Network Security
Rapid7 Labs Identifies State-Sponsored Sleeper Cells Embedded in Global Telecommunications Networks
GUEST RESEARCH: Research reveals long-term espionage access inside telecommunications infrastructure with implications for government communications and critical systems
Global Security News, Network Security, Risk Management
LexisNexis® Risk Solutions’ latest Cybercrime Report reveals key global fraud trends emerging over the past year. Derived from analysis of more than 116 billion online transactions detected through our LexisNexis® Digital Identity Network® in 2025, t
LexisNexis® Risk Solutions’ latest Cybercrime Report reveals key global fraud trends emerging over the past year. Derived from analysis of more than 116 billion online transactions detected through our LexisNexis® Digital Identity Network® in 2025, the report shows a significant 8% rise in global fraud rates driven by attacks targeting the gaming and gambling and ecommerce sectors, cost of living pressures and new emerging fraud tactics.
Global Security News, Network Security, Risk Management
LexisNexis® Risk Solutions’ latest Cybercrime Report reveals key global fraud trends emerging over the past year. Derived from analysis of more than 116 billion online transactions detected through our LexisNexis® Digital Identity Network® in 2025, t
LexisNexis® Risk Solutions’ latest Cybercrime Report reveals key global fraud trends emerging over the past year. Derived from analysis of more than 116 billion online transactions detected through our LexisNexis® Digital Identity Network® in 2025, the report shows a significant 8% rise in global fraud rates driven by attacks targeting the gaming and gambling and ecommerce sectors, cost of living pressures and new emerging fraud tactics.
AI, Global Security News, Risk Management
Organisations overlook AI risk as governance fails to keep up
GUEST RESEARCH: TrendAI™ research reveals pressure to deploy AI for business speed is outpacing control, visibility and accountability
AI, Global Security News
Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam
OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets
Global Security News
North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
New research from LevelBlue reveals how a suspected North Korean operative landed a remote IT role to fund national weapons programmes.
AI, Global Security News, malware
15,500 Malicious Domains: How Threat Actors Abuse a Popular Ad Tracker for Cloaked AI Investment Scams
GUEST RESEARCH: New research from Infoblox Threat Intel and Confiant reveals that cybercriminals are abusing Keitaro, a widely used advertising performance tracker, to hide (“cloak”) scams and malware behind ordinary web traffic; with many posing specifically as AI investment opportunities.
Exploits, Global Security News
Rapid7 2026 Global Threat Landscape Report Shows Exploited High and Critical-Severity Vulnerabilities Surged 105% as Attack Timelines Collapsed
GUEST RESEARCH: New research reveals exploitation now occurs within days of disclosure, reinforcing the need for preemptive security operations
Global Security News
Surge in Nation State Attacks on UK Firms Amid Cyber Warfare Fears
Armis reveals that “mutually assured disruption” is no longer preventing state-backed attacks
AI, Global Security News
Initial access techniques used by Iran-based threat actors
Analysis of attacks originating from Iran-linked threat groups reveals a preference for certain techniques Categories: Threat Research Tags: Iran, initial access
AI, Cloud Security, Europe, Global Security News
Infosecurity Europe Announces 2026 Keynote Line Up
Infosecurity Europe 2026 reveals its keynote line-up, featuring Jason Fox, Shlomo Kramer, Cynthia Kaiser and more, with sessions on AI, cloud security and post quantum threats
Global Security News, Russia
Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials
Dutch intelligence reveals Russian state hackers are trying to hijack the Signal and WhatsApp accounts of key targets
AI, Global Security News
AI Bot Hackerbot-Claw Targets Microsoft, DataDog and CNCF GitHub Repos
Security firm Pillar reveals the Chaos Agent in which Hackerbot-Claw, an AI agent, used natural language to compromise major GitHub projects and hijack developer tools.
Global Security News, Government & Policy
900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks
A joint study by Google and GitGuardian reveals that over 2,600 valid TLS certificates, protecting Fortune 500 companies and government agencies, were compromised due to private key leaks on GitHub and DockerHub.
AI, Global Security News
Pakistan-Linked APT36 Floods Indian Govt Networks With AI-Made ‘Vibeware’
Bitdefender research reveals Pakistani group APT36 is using AI-generated vibeware and trusted cloud services like Google Sheets to target Indian officials.
AI, Global Security News
AI-Generated Writing is Everywhere, and It’s Still Easy to Spot—For Now
Which AI bot reveals itself by sounding like a corporate intern? Which comes across like a nervous student? I asked the chatbots and here’s what they said.
AI, Global Security News, Network Security, privacy
Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy.
Global Security News
Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors
Data Breaches, Global Security News
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches
Global Security News
ClawJacked Bug Enables Covert AI Agent Hijacking
Oasis Security reveals how a new ClawJacked vulnerability could allow attackers to silently take over a victim’s OpenClaw agent
AI, Global Security News
Ransomware Payments Decline 8% as Attacks Surge 50%
Chainalysis reveals a big surge in median ransomware payment size in 2025 despite overall drop in criminal revenue
AI, Global Security News
Hackers Use 1Campaign to Hide Malicious Ads From Google Reviewers
Varonis Threat Labs reveals 1Campaign, a platform used to trick Google Ads and hide phishing pages. Learn how this cloaking tool targets real users while evading security.
Exploits, Global Security News
Exploitable Vulnerabilities Present in 87% of Organizations
Datadog report reveals two-fifths of services are affected by exploitable bugs
Global Security News
Report Finds Just 1% of Security Flaws Drive Most Cyberattacks in 2025
New VulnCheck research reveals that while thousands of CVEs are discovered yearly, only 1% drive real-world impact.
AI, Global Security News
44% Surge in App Exploits as AI Speeds Up Cyberattacks, IBM Finds
IBM’s 2026 X-Force report reveals 44% rise in cyberattacks on public apps, driven by AI and flaws
Global Security News
Industrial Control System Vulnerabilities Hit Record Highs
Forescout paper reveals ICS advisories hit a record 508 in 2025
AI, Endpoint, Exploits, Global Security News, malware, Network Security
WatchGuard: New Malware Variants Surge 1,500% in H2 2025
A new report from WatchGuard Technologies reveals that unique malware detections on endpoints skyrocketed by 1,548% in the second half of 2025, even as overall malware volume dipped slightly. Internet Security Report findings suggest threat actors are bypassing traditional defense The findings, published in the company’s H2 2025 Internet Security Report, highlight a sharp pivot…
AI, Exploits, Global Security News
Chinese APT Group Exploits Dell Zero-Day for Two Years
Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines
AI, Global Security News
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Teleport study reveals that organizations running over-privileged AI have a 76% incident rate
AI, Global Security News
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations.
Global Security News
287 Chrome Extensions Caught Harvesting Browsing Data from 37M Users
New investigation by Q Continuum reveals 287 Chrome extensions leaking the private browsing data of 37.4 million users to firms like Similarweb and Alibaba. Learn how these harmless tools turn your history into a product.
AI, Global Security News
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point
Global Security News, Risk Management
Amazon, Temu and Shein to Dominate Australia’s Marketplace Sector at the Expense of Local Competition
GUEST OPINION: Pattern’s 2026 Marketplace Consumer Report reveals a sector under pressure, with global giants tightening their grip and the era of local marketplaces at risk
AI, Global Security News
Celonis research reveals AI ambitions facing significant operational barriers
GUEST RESEARCH: New Celonis research released today reveals a critical gap between enterprises’ agentic AI ambitions and their operational readiness with 85% of organisations wanting to be an agentic enterprise in three years but 76% admitting that their current processes are holding them back.
AI, Global Security News
Celonis research reveals AI ambitions facing significant operational barriers
GUEST RESEARCH: New Celonis research released today reveals a critical gap between enterprises’ agentic AI ambitions and their operational readiness with 85% of organisations wanting to be an agentic enterprise in three years but 76% admitting that their current processes are holding them back.
AI, Global Security News
Celonis research reveals AI ambitions facing significant operational barriers
GUEST RESEARCH: New Celonis research released today reveals a critical gap between enterprises’ agentic AI ambitions and their operational readiness with 85% of organisations wanting to be an agentic enterprise in three years but 76% admitting that their current processes are holding them back.
AI, Artificial Intelligence, Cybersecurity, Global Security News, Security
17% of 3rd-Party Add-Ons for OpenClaw Used in Crypto Theft and macOS Malware
Bitdefender Labs reveals that 17% of OpenClaw AI skills analyzed in February 2026 are malicious. With over 160,000…
AI, Compliance, Cybersecurity, Global Security News, privacy
Choo Choo Choose to ignore the vulnerability
In episode 426 of the “Smashing Security” podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation. Meanwhile, Carole investigates how Grok went berserk, which didn’t stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your…
AI, Compliance, Cybersecurity, Exploits, Global Security News, privacy, Risk Management
Call of Duty: From pew-pew to pwned
In episode 425 of “Smashing Security”, Graham reveals how “Call of Duty: WWII” has been weaponised – allowing hackers to hijack your entire PC during online matches, thanks to ancient code and Microsoft’s Game Pass. Meanwhile, Carole digs into a con targeting the recently incarcerated, with scammers impersonating bail bond agents to fleece desperate families.…