Proofpoint researchers said attackers targeted physics and engineering departments, and warn that the campaign is likely ongoing.
The post Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities appeared first on CyberScoop.
agrupados por: chinese · roundcube · suspected · universities
Two new alleged victims detailed how Grok was used by friends and family to generate sexual images of them as minors. The suit also adds Stability AI as a defendant.
The post Deepfake CSAM lawsuit against xAI, Grok expands appeared first on CyberScoop.
Authorities didn’t name the man or file formal charges, but accuse him of participating in attacks linked to Cyber Army of Russia Reborn and NoName.
The post Spain arrests suspected hacker linked to Russian hacktivist campaign appeared first on CyberScoop.
The government's new AI clearinghouse risks becoming a committee that discovers more problems than it solves — unless it's designed around patching, not just scanning.
The post Found fast, fixed slow: The gap the AI clearinghouse must close appeared first on CyberScoop.
One of the project’s top goals is stitching together an international, quick response coalition of governments, businesses and civil experts for AI-related threats.
The post French nonprofit starts global intelligence and research hub for AI cyber threats appeared first on CyberScoop.
Alexis Chavez coerced multiple girls to commit self harm and produce child sexual abuse material for notoriety in a sprawling violent extremist collective affiliated with the Com.
The post 764 splinter group leader sentenced to 40 years in jail appeared first on CyberScoop.
The anti-fraud crackdown, dubbed Operation First Light, identified more than 142,000 victims of various social-engineering scams.
The post Interpol cybercrime crackdown nets 5,800 arrests across 97 countries appeared first on CyberScoop.
U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint.
Microsoft records tied that ID first to the account the attackers used to keep access during the May 2025 intr…
AI is surfacing vulnerabilities at a scale the industry has never seen, and most organizations have no way to determine which ones actually matter.
The post Finding vulnerabilities was never the hard part appeared first on CyberScoop.
The AI agent didn’t accomplish every step in the late June 2026 attack, but it allowed the threat actor to significantly reduce complexity, speed up the tempo and gain operational advantages.
The post Sysdig clocks first documented case of agentic ransomware appeared first on CyberScoop.
At least two websites appear to be victim to 404 hijacking attacks. Army officials took the sites down after being contacted by CyberScoop.
The post US Army websites defaced with pro-Kurdish sentiments, insults to Trump appeared first on CyberScoop.
Citizen Lab says the phone of a member of Europe’s PEGA Committee was infected twice with Pegasus, the NSO Group spyware that gave the panel its name.
The post Someone infected a spyware probe overseer with spyware appeared first on CyberScoop.
The defect impacts a popular collection of business applications that attackers have hit before in widespread attack sprees.
The post Researchers spot exploitation of another critical Oracle defect appeared first on CyberScoop.
With federal PQC deadlines set for 2030 and 2031, CISOs face a multi-year transformation program that most organizations have not yet started. The window for orderly execution is narrowing fast.
The post What the post-quantum executive order really demands of CISOs appeared first on CyberScoop.
Dissenting justices who criticized the ruling said it would have “seismic” implications for the Fourth Amendment.
The post Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling appeared first on CyberScoop.
The ruling is a victory for election advocates who say the evidence overwhelmingly shows that voter fraud is rare and not tied to mail voting in general.
The post Supreme Court approves mail-in ballots that arrive after Election Day appeared first on CyberScoop.
The bill empowers the FTC to create a registry for sellers of AI agent software certifying their privacy and cybersecurity protections.
The post Warner bill would create federally vetted list for secure, trustworthy AI agents appeared first on CyberScoop.
From outsourced labor to tiered pricing models, an inside look at how today's top ransomware threats operate less like rogue hackers and more like Fortune 500 companies.
The post How ransomware syndicates weaponize corporate-style organization appeared first on CyberScoop.
The Department of Homeland Security is bringing back a key cybersecurity information sharing effort with critical infrastructure, more than a year after the Trump administration shuttered an existing nerve center between government and private sector. The Alliance of National Councils for Homeland O…
DHS Secretary Markwayne Mullin has been floating the idea of adding back 600 CISA personnel after deep Trump administration cuts.
The post Trump budget boss Russell Vought open to re-staffing CISA appeared first on CyberScoop.
The bulletin includes six NetScaler issues, but attention is centered on a high-severity flaw with similarities to earlier actively exploited bugs.
The post Citrix patches a new NetScaler flaw with echoes of CitrixBleed appeared first on CyberScoop.
Cisco Talos’ research on ARToken builds on what’s known about the related EvilTokens phishing-as-a-service.
The post This phishing kit looks more like BEC-as-a-service appeared first on CyberScoop.
The company and the Commerce Department say they have reached an agreement that will see the AI models released publicly with new guardrails and classifiers.
The post US lifting export control restrictions on Anthropic’s Mythos, Fable appeared first on CyberScoop.
lso Tuesday, the Treasury Department took action against the same Cambodian company, Huione Group, and affiliates.
The post Justice Department seizes infrastructure used by cyber scam and criminal marketplace appeared first on CyberScoop.
A diffuse landscape, fruitful targets, companies not stepping up, AI’s influence and flagging U.S. government efforts all figure into a shifting threat.
The post Open-source security is posing challenges governments can’t easily solve appeared first on CyberScoop.
Microsoft, with law enforcement and industry partners, disrupted more than 200 command and control servers for Amadey and StealC, often used in conjunction.
The post In a first, a court takedown goes after two cybercrime tools at once appeared first on CyberScoop.
Mandiant detailed the incident in a blog post Wednesday, but it’s unclear who was behind it or if they managed to get broad visibility into the victim’s internal traffic.
The post Malicious hackers exploit Cisco zero-day for highest access level at communications service provider appeared first on …
Six weeks of undetected access through a compromised VPN exposes why patching isn't a solution for the organizations already breached.
The post Why patch directives only go so far appeared first on CyberScoop.
Nathan Austad, who sold access to compromised accounts through a criminal storefront, is the third and final defendant sentenced in the 2022 breach
The post Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack appeared first on CyberScoop.
The phone-cracking firm broke off from its deal with Russia, but Citizen Lab said that didn’t stop authorities from surveilling Andrey Pivovarov.
The post Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract appeared first on CyberScoop.
Provisions setting up federal voter lists for each state and restricting mail ballots through USPS were declared unconstitutional.
The post Federal court rules Trump election-focused executive order illegal appeared first on CyberScoop.
The new rules would overhaul national emergency systems to protect against hijacking and update federal security review rules for undersea cables providers
The post FCC passes new cybersecurity rules for emergency systems, undersea cables appeared first on CyberScoop.
The agency told CyberScoop the tool was a pilot that didn’t meet their needs. Members of Congress say it was accessed for hundreds of active cases.
The post ATF cancels controversial commercial geolocation contract appeared first on CyberScoop.
AI bills of materials (AIBOMs), modeled on standards that worked for software, could transform how policymakers understand and regulate AI. A new roadmap outlines what they need to include and how to get there.
The post A case for how to shape ‘ingredient lists’ for AI models appeared first on Cybe…
The breakneck speed of model releases may be creating short, silent security gaps as developers must choose between performance and security, according to a new report.
The post AI’s constant patching treadmill can be a security problem appeared first on CyberScoop.
Some panned it, some said they needed more information, but caution figured into all of the responses.
The post Lawmakers leery about Trump administration’s Anthropic order appeared first on CyberScoop.
Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign.
The post Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April appeared first on CyberScoop.
The consulting giant’s majority stake in Dragos, along with the purchase runZero and NetRise, marks its first major push into operational technology software as AI-driven threats to critical infrastructure intensify.
The post Accenture shells out $4.18B on three companies in big industrial cybersec…
The threat group’s remarkable success targeting open-source software was inevitable and fueled by the industry’s decision to prioritize code shipping over security.
The post How software development’s speed obsession enabled TeamPCP’s chaos crusade appeared first on CyberScoop.
The Commerce Department’s expert control decree led to the company shutting off access to Fable 5 and Mythos 5 worldwide, drawing sharp criticism from researchers and industry analysts.
The post Anthropic disables new models after government calls them a national security concern appeared first on C…
Dozens of practitioners said the decision to place export controls on the foreign use of Fable are misguided, and recent jailbreak reports don’t show the model providing unique hacking capabilities.
The post Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat appeared fir…
The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications.
The post Google exposes China espionage group that’s been lurking in networks undetected since 2023 appeare…