The French Cybersecurity Agency (ANSSI) has confirmed the decline of known ransomware attacks in 2025, in part due to successful law enforcement operations. The latest edition of the agency’s annual threat report, published on March 11, dives into the range… Read More "France’s Cybersecurity Agency Reports Ransomware Attack Drop in 2025"
Adobe on Saturday released emergency patches for a critical Acrobat and Reader zero-day that has been exploited in the wild for several months. The vulnerability has been assigned the CVE identifier CVE-2026-34621 and a CVSS score of 9.6. According to… Read More "Adobe Patches Reader Zero-Day Exploited for Months"
With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections. Unlike direct prompt injections, where… Read More "Mitigating prompt injection attacks with a layered defense strategy"
Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of… Read More "Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621"
Being seen as reliable is good for ‘business’ and ransomware groups care about ‘brand reputation’ just as much as their victims 11 Dec 2025 • , 4 min. read Black Hat Europe 2025 opened with a presentation by Max Smeets… Read More "Reputation is currency – even in the ransomware economy"
The UK government has sanctioned a network of individuals and organizations allegedly linked to scam compounds in Southeast Asia. Across Southeast Asia, scam centers are using sophisticated schemes, including romance scams, to defraud victims on an industrial scale. The latest action by the UK government,… Read More "UK Cracks Down on Chinese Crypto Marketplace for Funding Scam Hubs"
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and… Read More "Advancing Protection in Chrome on Android"
Ravie LakshmananApr 12, 2026Malware / Threat Intelligence Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and… Read More "CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads"
The AI agents many organizations have begun deploying to automate complex business and operational workflows can be quietly turned against them if not properly configured with the right permissions. Recent research by Palo Alto Networks has shown how the risk… Read More "Google’s Vertex AI Is Over-Privileged. That’s a Problem"
Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found 12 Dec 2025 • , 3 min. read “A City of a Thousand Zero Days” is the partial title of a talk at… Read More "Was that device designed to be on the internet at all?"
