Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications.
The post FBI warns about fast-growing phishing kit targeting Microsoft 365 users appeared first on CyberScoop.
Under a draft executive order, the NSA, Treasury Department and other federal agencies would get 90-days to test new models for cybersecurity and national security concerns.
The post Trump postpones executive order focused on AI security appeared first on CyberScoop.
Reps. Don Bacon, R-Neb., and James Walkinshaw, D-Va., found rare bipartisan agreement that the agency tasked with defending civilian networks has been diminished at a moment when threats from China and others are growing.
The post Lawmakers from both parties say CISA cuts have gone too far appeared …
Jacob Butler, a 23-year-old from Ottawa, awaits extradition to the United States and faces up to 10 years in prison.
The post Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada appeared first on CyberScoop.
Officials arrested the alleged administrator of First VPN, seized its servers and domains. Europol said the service appeared in almost every major recent cybercrime investigation.
The post European authorities take down prolific cybercrime VPN service appeared first on CyberScoop.
Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration.
The post CISA chief frets about open-source vulnerabilities, delayed security improvements appeared first on CyberScoop.
Microsoft’s AI red team lead talked to CyberScoop about the goals behind open sourcing a pair of security tools meant for developers and incident responders.
The post Meet Rampart and Clarity, Microsoft’s new red team combo AI agents appeared first on CyberScoop.
As AI expands the attack surface and alert fatigue grows, cyber exposure management offers a clearer path to understanding where risk truly concentrates and how to reduce it before a crisis hits.
The post The readiness paradox: Why a false sense of cyber confidence is becoming a liability appeared f…
GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing software development platforms and the ecosystems built around third-party developer to…
Verizon’s annual Data Breach Investigations Report uncovered a surge of exploited vulnerabilities, and a growing lack of critical defect remediation industrywide.
The post Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches appeared first on CyberScoop.
A researcher who found a repository that leaked on GitHub said it was one of the worst he’s witnessed.
The post CISA credential leak raises alarms, and Capitol Hill demands answers appeared first on CyberScoop.
Fox Tempest, a financially-motivated threat group, allowed ransomware operators and other cybercriminals to slip malware-laced software past security controls.
The post Microsoft disrupts cybercrime service that abused software verification systems en masse appeared first on CyberScoop.
Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer tools and CI pipelines.
The post Mini Shai-Hulud returns, compromising hundreds of npm packages appeared first on CyberScoop.
Operation Ramz resulted in 201 arrests and disrupted phishing services, malware and financial scams.
The post Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa appeared first on CyberScoop.
Anthropic and OpenAI promise their latest tools will find more vulnerabilities. Cybersecurity employees say they’re already flooded with AI-generated reports.
The post AI might cut false positives, but it won’t stop the slop appeared first on CyberScoop.
Cybercriminals brought down the most widely used learning platform in North America. The Canvas breach is a blueprint for how SaaS attacks now work — and a warning about how unprepared most organizations still are.
The post The Canvas breach proved that prevention is no longer enough appeared first …
UFORCE, a London-based company founded by Ukrainians, is looking to make drones in America.
The post Former CISA nominee Sean Plankey named US CEO of defense startup appeared first on CyberScoop.
The commission will dole out hefty fines and promises investigations for Take It Down Act violators. Experts say questions remain around the agency’s resources and priorities. Â
The post Here’s how the FTC plans to enforce the Take It Down Act appeared first on CyberScoop.
Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the decision for months.Â
The post Colorado governor commutes prison sentence for election denier Tina Peters appeared first on CyberScoop.
The threat group behind the attacks is also linked to a series of recently disclosed vulnerabilities in the vendor’s firewalls and SD-WAN systems.
The post Cisco zero-day under ongoing attack by persistent threat group appeared first on CyberScoop.