Widespread misconfiguration of popular AI assistant OpenClaw means many instances are exposed to the public-facing internet, SecurityScorecard has warned. The security vendor said it found 40,214 such instances of the tool, formerly known as Clawdbot and Moltbot, although the figure… Read More "Researchers Find 40,000+ Exposed OpenClaw Instances"
Social media sites received nearly £3.8bn ($5.2bn) in revenue from malicious ads in Europe in 2025, off the back of almost one trillion impressions, according to Juniper Research. The analyst used publicly available data to study ads on Facebook, Instagram,… Read More "Social Media Platforms Earn Billions from Scam Ads"
The new N-able and Futurum Report reveals how AI is reshaping cyber resilience as it accelerates both business innovation and adversarial tradecraft. Attackers are scaling their operations with unprecedented speed, leveraging automation to bypass traditional defenses. For IT security leaders… Read More "5 trends defining the future of AI-powered cybersecurity"
US payments platform provider BridgePay has confirmed it is experiencing an IT outage due to a ransomware attack. In a series of security alerts published on February 6, the Florida-based company said the attack caused “system-wide service disruption.” The firm… Read More "BridgePay Confirms Ransomware Attack, No Card Data Compromised"
Xinbi Guarantee has also hosted a wide variety of other black market offerings, including harassment services that threaten or throw feces at a victim for a fee, and even sex workers as young as 14 who are likely trafficking victims.… Read More "Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market"
The US cybersecurity agency CISA on Monday expanded its Known Exploited Vulnerabilities (KEV) catalog with seven vulnerabilities, including two Windows bugs. Tracked as CVE-2023-36424, the first of the Windows flaws is described as a common log file driver issue that… Read More "Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities"
Security teams are stretched thin. Alerts never stop, attackers move faster, and expectations for uptime and resilience keep rising. For many IT and security leaders, Managed Detection and Response (MDR) has become less of a “nice to have” and more… Read More "4 questions to ask before outsourcing MDR"
A Linux-based command-and-control (C2) framework capable of long-term intrusion across cloud and enterprise environments has been further analyzed in new research. Known as VoidLink, the malware generates implant binaries designed for credential theft, data exfiltration and stealthy persistence on compromised… Read More "VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code"
OpenAI on Tuesday announced the next phase of its cybersecurity strategy and a new model specifically designed for use by digital defenders, GPT-5.4-Cyber. The news comes in the wake of an announcement last week by competitor Anthropic that its new… Read More "In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy"
As part of its ongoing efforts to enhance the security of Pixel phones, Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware. The move builds on previously announced deployment of Rust in… Read More "Google Adds Rust DNS Parser to Pixel Phones for Better Security"
