The BTMOB remote access trojan (RAT) is becoming a heightened threat to Android users due to its data theft and device takeover capabilities, ESET warns. Believed to be based on the SpySolr malware, BTMOB is distributed via phishing attacks leveraging… Read More "New BTMOB Android Malware Enables Full Device Takeover"
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their AI exposure is actually coming from. The research shows that… Read More "Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI “Power users”"
Think about what your team used to rely on. Attackers left clues that telegraphed their presence – patterns you could learn, signatures you could catch and their campaigns moved slowly enough to track. That’s gone. Reconnaissance that took days now… Read More "What the industrialization of exploitation means for defenders"
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability 24 Apr 2026 • , 5 min. read There’s a bit of a pattern in the history of organizational failures that repeats too… Read More "What you see is not all there is"
A previously unreported threat actor has been observed targeting cryptocurrency firms with custom macOS malware, fake recruiter approaches and the hijacking of internal development pipelines. Wiz has attributed the activity to a financially motivated cluster, now tracked as Jinx-0164, according… Read More "New Threat Actor Jinx-0164 Targets Crypto Developers on macOS"
Vendor Risk Management encompasses a wide range of cybersecurity risk factors. As such, a VRM report design could range from highly detailed to concise, depending on the specific reporting requirements of stakeholders and the board. This list represents the most… Read More "A Guide to Vendor Risk Management Reporting in 2026"
“We would not say that every single phishing message we observed was definitively caused by a direct compromise of the hotel’s own internal systems,” the researcher says. Phishing messages could have been sent using information from other data breaches or… Read More "Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks"
Google Cloud this week announced an always-on autonomous platform designed to protect enterprises from the rising wave of AI-powered cyberattacks. The new Google AI Threat Defense cybersecurity solution leverages AI to identify machine-powered threats faster and stop them before they… Read More "Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks"
Ravie LakshmananMay 28, 2026Supply Chain Attack / Malware A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. “These campaigns… Read More "JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware"
“The biggest challenge is not simply whether an agent produces a good answer,” he says. “It is whether the organization can prove what the agent accessed, what instructions it followed, what tools it invoked, what decisions it made, where a… Read More "The AI governance imperative you can’t afford to ignore"
