Category Security

Jan 29, 2025Ravie LakshmananVulnerability / Threat Intelligence A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw,…

Nation-state threat actors are frequently abusing Google’s generative AI tool Gemini to support their malicious cyber operations. An analysis by the Google Threat Intelligence Group (GTIG) highlighted that APT groups from Iran, China, Russia and North Korea are using the…

Jan 29, 2025Ravie LakshmananThreat Intelligence / Malware The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all…

AI-driven API vulnerabilities have skyrocketed by 1205% in the past year. The figures come from the 2025 API ThreatStats Report by Wallarm, which highlights how AI has become the biggest driver of API security threats, with nearly 99% of AI-related vulnerabilities tied…

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure…

The recently emerged HellCat ransomware gang is using psychological tactics to court public attention and pressure victims to pay extortion demands. This is according to an analysis of the ransomware-as-a-service (RaaS) group by Cato Networks, published on January 28. The…

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The…

The year-old Chinese startup DeepSeek took the world by storm when it launched R1, its new large language model (LLM), but experts are now rising about the risks it poses. DeepSeek’s breakthrough is that this reasoning model, an AI trained…

Jan 29, 2025The Hacker NewsThreat Detection / Artificial Intelligence Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a…

The UK government’s spending watchdog has raised grave concerns about the cyber resilience of critical IT systems across departments, highlighting major gaps in system controls and visibility. The warnings came from the National Audit Office (NAO) in its Government cyber…