Most businesses are concerned about AI-enabled cyber-threats, with 93% of security leaders expecting to face daily AI-driven attacks by the end of 2024, according to a new report by Netacea.

One in five UK companies has experienced sensitive corporate data exposure due to employees' use of generative AI (GenAI), according to a report by cybersecurity services provider RiverSafe.

Local reports claimed that the hackers targeted as many as 83 defense contractors and subcontractors, and managed to steal sensitive information from 10 of them between October 2022 and July 2023, although the campaign lasted over a year.

In a move away from traditional phishing scams, attackers are increasingly exploiting vulnerabilities in computer systems to gain initial network access, according to Mandiant’s M-Trends 2024 Report.

A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed.

The perpetrators attract unsuspecting Telegram users through a referral system, enticing them with promises of an “exclusive earning program” shared via contacts in their network.

The exploit occurs when referencing a private/local package, which inadvertently fetches a malicious package similarly named from the public registry due to misconfigurations in package managers.

Trust in cybersecurity tools has become one of the biggest challenges facing critical national infrastructure (CNI) providers as sophisticated nation-state attacks proliferate, according to a new report from Bridewell.

The figures come from the latest Egress report, which also suggests a notable decrease in attachment-based payloads, which halved from 72.7% to 35.7% over the same period.

Protobom, the new open source software tool, will help all organizations read and generate SBOMs and file data, as well as translate this data across standard industry SBOM formats.