This has significance for CISOs because they need to be aware of how communication between the US and other countries is being monitored. The Act permits US intelligence agencies to collect texts and emails sent to and from foreigners living… Read More "Warrantless wiretaps cut off for a week following US Congress vote"
As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year 29 Dec 2025 As we close out 2025, it’s time for ESET Chief Security… Read More "This month in security with Tony Anscombe – December 2025 edition"
NPM has announced new version (v12) of the npm package manager in a bid to prevent software supply chain attacks. In a blog post published on June 9, The team of npm developers at Microsoft-owned GitHub announced three security-focused breaking… Read More "GitHub to Update npm to Thwart Software Supply Chain Attacks"
Google on Thursday rolled out a Chrome 149 update that resolves 28 critical and high-severity vulnerabilities. The update patches five critical-severity bugs: use-after-free issues in Core, DigitalCredentials, and WebMIDI, an insufficient validation of untrusted input flaw in Accessibility, and a… Read More "Chrome 149 Update Patches 28 Vulnerabilities"
Ravie LakshmananJun 12, 2026Cybercrime / Phishing An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and… Read More "INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator"
If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do. 13 Jan 2026 • , 6 min. read Contrary to popular belief, much… Read More "Your information is on the dark web. What happens next?"
An international law enforcement operation has dismantled a cryptocurrency laundering service widely used by ransomware gangs and other cyber-criminal groups. The service, known as ‘AudiA6’, is suspected of laundering more than €336m ($389m) for cybercriminals between 2022 and 2025. It… Read More "Ransomware Crypto Laundering Platform Taken Out by FBI and Europol"
Claude Fable 5 has become generally available, with Anthropic unveiling it as a powerful Mythos-class AI model. The release includes robust safeguards that restrict its capabilities in high-risk domains. In sensitive areas such as cybersecurity (where it could be misused… Read More "Industry Reactions to Claude Fable 5: Feedback Friday"
Key Takeaways Double extortion ransomware combines data encryption with data theft, increasing pressure on organizations by threatening both operational disruption and public data exposure. Attackers gain access through phishing, weak credentials, or unpatched vulnerabilities, then move laterally to exfiltrate sensitive… Read More "How to Defend Against Double Extortion Ransomware: Protecting Your Data and Your Reputation"
Ravie LakshmananJun 12, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security,… Read More "Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code"
