Threat Intelligence

Australia, New Zealand, Tonga, Warn of Rising INC Ransom Attacks Targeting Pacific Networks

2026-03-09 at 15:37 By Ashish Khaitan

Cybersecurity agencies across the Pacific region are sharing concerns about the ransomware group INC Ransom’s expanding activities and the growing influence of its affiliate network. A joint advisory issued by the Australian Cyber Security Centre (ACSC), National […]

The Blast Radius Problem: Stolen Credentials are Weaponizing Agentic AI

2026-02-25 at 18:16 By Kevin Townsend

More than half (56%) of the 400,000 vulnerabilities IBM X-Force tracked in 2025 required no authentication before exploitation. The post The Blast Radius Problem: Stolen Credentials are Weaponizing Agentic AI appeared first on SecurityWeek. This article is an excerpt

Airline brands become launchpads for phishing, crypto fraud

2026-02-25 at 08:05 By Sinisa Markovic

Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike domains tied to these brands, targeting travelers, employees, and business partners. Recent threat intelligence from BforeAI’s

Edge systems take the brunt of internet-wide exploitation attempts

2026-02-25 at 07:18 By Anamarija Pogorelec

Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions recorded over 162 days. The concentration on edge infrastructure aligns with how attackers pursue initial access across

How the Protective Security Policy Framework Shapes Australia’s Commonwealth Cyber Security Strategy 

2026-02-16 at 13:41 By Ashish Khaitan

The Australian government has intensified efforts to protect digital infrastructure across all Commonwealth entities. Two recent publications, the 2024–25 Protective Security Policy Framework (PSPF) Assessment Report and the 2025 Commonwealth Cyber Security Posture Report, offer a comprehensive snapshot of current achievements, challenges, and future priorities in government cyber resilience. The PSPF Assessment Report highlights

SpiderLabs Ransomware Tracker Update January 2025: Qilin Continues as Dominant Threat Group

2026-02-03 at 17:02

The January 2026 edition of LevelBlue SpiderLabs ransomware tracker noted a sharp fall in the number of attacks launched compared to December 2025. Qilin remained the top attacker, but there was a reshuffling of the remaining top five attackers

OPNsense 26.1 brings updates to open-source firewall management

2026-01-29 at 01:17 By Anamarija Pogorelec

OPNsense, the open-source firewall and network security platform, reached version 26.1, adding a range of updates affecting management, traffic visibility, automation interfaces, and core services.

Changes in firewall management and APIs

Version 26.1, code-named Witty Woodpecker, introduces revisions to the firewall

Cyber Insights 2026: Threat Hunting in an Age of Automation and AI

2026-01-26 at 14:37 By Kevin Townsend

Understanding how threat hunting differs from reactive security provides a deeper understanding of the role, while hinting at how it will evolve in the future. The post Cyber Insights 2026: Threat Hunting in an Age of Automation

Critical Infrastructure Attacks Became Routine for Hacktivists in 2025

2026-01-20 at 14:24 By Ashish Khaitan

Hacktivists moved well beyond their traditional DDoS attacks and website defacements in 2025, increasingly targeting industrial control systems (ICS), ransomware, breaches, and data leaks, as their sophistication and alignment with nation-state interests grew. That was one of the conclusions in Cyble’s exhaustive new 2025 Threat Landscape report, from which this blog was adapted.

Cyber Insights 2026: Information Sharing

2026-01-19 at 17:21 By Kevin Townsend

Information sharing is necessary for efficient cybersecurity, and is widespread; but never quite perfect in practice. The post Cyber Insights 2026: Information Sharing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Ransomware and Supply Chain Attacks Soared in 2025

2026-01-16 at 10:25 By Ashish Khaitan

Overview

Ransomware and supply chain attacks soared in 2025, and persistently elevated attack levels suggest that the global threat landscape will remain perilous heading into 2026. Cyble recorded 6,604 ransomware attacks in 2025, up 52% from the 4,346 attacks claimed by ransomware groups in 2024. The year ended with a near-record 731 ransomware attacks in December, second only to February 2025’s record totals (chart below). Supply

Enterprise security faces a three-front war: cybercrime, AI misuse, and supply chains

2026-01-13 at 11:04 By Anamarija Pogorelec

Security teams are dealing with pressures tied to AI use, geopolitical instability, and expanding cybercrime that reach beyond technical controls, according to findings from the World Economic Forum’s Global Cybersecurity Outlook 2026.

AI drives risk growth and

What security teams can learn from torrent metadata

2026-01-12 at 08:10 By Mirko Zorz

Security teams often spend time sorting through logs and alerts that point to activity happening outside corporate networks. Torrent traffic shows up in investigations tied to policy violations, insider risk, and criminal activity. A new research paper looks at that same

UTMStack: Open-source unified threat management platform

2025-12-10 at 08:52 By Sinisa Markovic

UTMStack is an open-source unified threat management platform that brings SIEM and XDR features into one system. The project focuses on real time correlation of log data, threat intelligence, and malware activity patterns gathered from different sources. The goal is to help organizations

The simple shift that turns threat intel from noise into real insight

2025-12-09 at 08:02 By Help Net Security

In this Help Net Security video, Alankrit Chona, CTO at Simbian, explains how security teams can put threat intelligence to work in a way that supports detection, response, and hunting. Chona walks through why many teams

In Other News: X Fined €120 Million, Array Flaw Exploited, New Iranian Backdoor

2025-12-05 at 17:57 By SecurityWeek News

Other noteworthy stories that might have slipped under the radar: Akamai patches HTTP smuggling vulnerability, Claude Skills used to execute ransomware, PickleScan flaws. The post In Other News: X Fined €120 Million, Array Flaw Exploited, New

Threat intelligence programs are broken, here is how to fix them

2025-12-03 at 07:12 By Anamarija Pogorelec

Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear insights, and executives see costs that do not lead to better

Fragmented tooling slows vulnerability management

2025-11-28 at 07:32 By Anamarija Pogorelec

Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new report by Hackuity.

Fragmented detection and slow remediation

Organizations use a formalized approach to manage vulnerabilities, but their

Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City

2025-11-26 at 02:33 By Associated Press

The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further. The post Russian Hackers Target US Engineering Firm Because of Work

MI5 Warns Lawmakers That Chinese Spies Are Trying to Reach Them via LinkedIn

2025-11-18 at 18:36 By Associated Press

Britain’s domestic intelligence agency warned that Chinese nationals were “using LinkedIn profiles to conduct outreach at scale” on behalf of the Chinese Ministry of State Security. The post MI5 Warns Lawmakers That Chinese Spies Are Trying
