Japan, South Korea Take Aim at North Korean IT Worker Scam
Japan, South Korea Take Aim at North Korean IT Worker Scam Summary Japan, South Korea and the United States have ramped up cooperation to disrupt a large-scale North Korean scheme…
Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware
Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware Summary Researchers at Lab52 (S2 Grupo) have uncovered a new Outlook VBA backdoor dubbed “NotDoor” that APT28 (Fancy Bear) is using to…
How big will this Drift get? Cloudflare cops to Salesloft Drift breach
Summary Cloudflare has confirmed that some customer data was exposed after attackers abused the Salesloft Drift compromise to access the company’s Salesforce support tenant. In a detailed post-mortem, Cloudflare’s security…
Internet mapping and research outfit Censys reveals state-based abuse, harassment
Internet mapping and research outfit Censys reveals state-based abuse, harassment Summary Censys — the internet-mapping project turned company — says state-based actors and other malicious parties have attempted to abuse…
It looks like you’re ransoming data. Would you like some help?
It looks like you’re ransoming data. Would you like some help? Summary The Register outlines how AI is lowering the barrier for ransomware and extortion operations. Researchers recently found PromptLock,…
Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs
Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs Summary Attackers on underground forums say they used HexStrike AI, an open-source AI-driven red‑teaming framework, to target Citrix…
What is information security (infosec)?
What is information security (infosec)? Summary Information security (infosec) is the set of policies, procedures and controls used to protect information — digital or otherwise — from unauthorised access, modification,…
Android drops mega patch bomb – 120 fixes, two already exploited
Android drops mega patch bomb – 120 fixes, two already exploited Summary Google’s September 2025 Android security bulletin ships 120 fixes — the largest monthly bundle so far this year.…
Hybrid Clouds Provide a Practical Approach to Post-Quantum Migration
Hybrid Clouds Provide a Practical Approach to Post-Quantum Migration Summary This Tech Tip from Dark Reading (Alex Zaslavsky, SafeLogic) explains a practical, low-disruption route to begin migrating to post-quantum cryptography…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation Summary An AI-driven offensive research pipeline, dubbed Auto Exploit and developed by two independent Israeli security researchers, uses an LLM (Anthropic’s Claude-sonnet-4.0), CVE…