OpenAI Assistants API Exploited in 'SesameOp' Backdoor
Instead of relying on more traditional methods, the backdoor exploits OpenAI’s Assistants API for command-and-control communications
Information Security Magazine
Scattered Spider, ShinyHunters and LAPSUS$ Form Unified Collective
3 months ago
Scattered Spider, ShinyHunters and LAPSUS$ have formed an enhanced coordinated threat network for extortion efforts
DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
3 months ago
DragonForce, a ransomware group using Conti’s code, has adopted a cartel model to expand and recruit
Identity Is Now the Top Source of Cloud Risk
3 months ago
ReliaQuest data reveals identity issues were responsible for 44% of cloud security alerts in Q3
DeFi Protocol Balancer Loses Over $120m in Cyber Heist
3 months ago
Digital thieves have got away with over $120m stolen from popular decentralized finance protocol Balancer
CISA and NSA Outline Best Practices to Secure Exchange Servers
3 months ago
CISA and NSA have released a blueprint to enhance Microsoft Exchange Server security against cyber-attacks
New GDI Flaws Could Enable Remote Code Execution in Windows
3 months ago
Flaws in Windows Graphics Device Interface (GDI) have been identified that allow remote code execution and information disclosure
Hackers Help Organized Crime Groups in Cargo Freight Heists, Researchers Find
3 months ago
Proofpoint researchers have observed recent hacking campaigns supporting cargo theft
Conti Suspect in Court After Extradition From Ireland
3 months ago
Ukrainian national Oleksii Oleksiyovych Lytvynenko has appeared in a US court in connection with Conti ransomware charges
Leak Site Ransomware Victims Spike 13% in a Year
3 months ago
CrowdStrike data reveals a 13% annual increase in the number of European ransomware victims in 2025
Conduent Data Breach Impacts Over 10.5 Million Individuals
3 months ago
Over 10.5 million individuals were impacted by a widespread 2024 data breach at Conduent Business Services, with customer notifications issued in October 2025
Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats
3 months ago
A new UNC6384 campaign highlights the threat actor’s growing sophistication and geographic expansion
Facial Recognition Firm Clearview AI Hit with Criminal Complaint in Austria
3 months ago
Clearview AI faces a criminal complaint in Austria for allegedly ignoring EU data protection rulings
Critical Flaws Found in Elementor King Addons Affect 10,000 Sites
3 months ago
The King Addons for Elementor plugin contains two flaws allowing unauthenticated file uploads and privilege escalation
Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery
3 months ago
Cybercriminals are abusing AdaptixC2, a legitimate emulation framework, in ransomware campaigns
Shadow AI: One In Four Employees Use Unapproved AI Tools, Research Finds
3 months ago
Over a quarter of employees work with AI tools that had not been authorized by their company
Proton Claims 300 Million Records Compromised So Far This Year
3 months ago
A new dark web analysis reveals more than 300 million records have been breached in 2025 to date
Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
3 months ago
The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker
Chrome to Make HTTPS Mandatory by Default in 2026
3 months ago
Google Chrome will enhance security with enforced HTTPS connections from version 154, set for release in October 2026
Npm Malware Uses Invisible Dependencies to Infect Dozens of Packages
3 months ago
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads
Checked
2 hours 53 minutes ago