Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plugin, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plugin, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
AI-generated code is changing AppSec workflows, forcing teams to rethink SDLC security, dependency checks, code review, and risk prioritization.
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. [...]
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams s…
Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with the aim of facilitating credential theft. "According to the functionalities of the CloudZ RAT and Pheno…
DataDome researchers uncovered a massive low and slow DDoS attack that delivered 2.45 billion requests using 1.2 million IP addresses.
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The vulnerability, tracked as CVE-2026-0300, has been described as a case of unauthenticated remote code execution. It carries …
As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks — many targeting critical infrastructure.
HIPAA—N.D. Tex.: Federal court enforces DOJ subpoena to Rhode Island Hospital amid emergency bid to quash VitalLaw.com
A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, backdoor, and credential-stealing capabilities. [...]
The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms. [...]
Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up.
The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves against a growing volume of cyberattacks.
Daemon Tools users: It's time to check your machines for stealthy infections stat.
Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. [...]
Well-run security drills go beyond checking audit boxes to identify and address trouble spots. Effective leaders can ensure proper scope, access, and follow-through, but it’s not easy.
A 23-year-old university student in Taiwan was arrested for interfering with the TETRA communication system used by the country's high-speed railway network (THSR). [...]
By Kaitlyn Bookout - More than 10,000 heart rhythm experts gathered at McCormick Place for HRS 2026. This year, the focus shifted from clinical skill alone to the necessity of a strong data strategy for cardiac device management. The post The Pulse of Progress: How Cardiac Devic…
Former Maryland Pharmacist Indicted Over 8-Year Cyber Spying Campaign The HIPAA Journal
A former Maryland hospital pharmacist who is alleged to have engaged in a multi-year cyber spying campaign is facing up […] The post Former Maryland Pharmacist Indicted Over 8-Year Cyber Spying Campaign appeared first on The HIPAA Journal.