Professional attack model The Kali365 service provides templates, management dashboards, and integrated tools that lower the skill barrier for implementing large-scale attacks to the threat actor subscribing to it. Subscriptions start at $250 for 30 days and go up to $2,000… Read More "Security experts caution MFA alone can no longer stop threat actors"
The head of the UK’s National Crime Agency (NCA) has warned that the country’s teens are being “radicalized” into becoming cybercriminals by online platforms. The NCA was set up over a decade ago to tackle serious and organized crime. In a… Read More "NCA Boss Warns That Teens Are Being “Radicalized” Online"
Anthropic said it created Project Glasswing when capabilities in its new frontier model “revealed a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting… Read More "Project Glasswing has uncovered 10,000 vulnerabilities: Anthropic"
ESET researchers have recently observed a new instance of Operation DreamJob – a campaign that we track under the umbrella of North Korea-aligned Lazarus – in which several European companies active in the defense industry were targeted. Some of these… Read More "Lazarus targets the UAV sector"
Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability within 20 hours, working only from the advisory description. The bug, CVE-2026-33017, is an unauthenticated remote code execution (RCE) vulnerability in Langflow –… Read More "Hackers Exploit Critical Langflow Bug in Just 20 Hours"
Shadow IT leaves organizations exposed to cyberattacks and raises the risk of data loss and compliance failures 24 Oct 2025 In the remote and hybrid work era, employee use of unsanctioned hardware and software (known as shadow IT) has become… Read More "Cyber risk thrives in the shadows"
A .NET-based infostealer sold as part of a commercial cybercrime toolkit that bundles a stealer, crypter and remote access tool (RAT) under subscription tiers has been detailed further by cybersecurity researchers. The malware, known as Phantom Stealer, collects browser credentials,… Read More "Phantom Project Bundles Infostealer, Crypter and RAT For Sale"
With cybersecurity talent in short supply and threats evolving fast, managed detection and response is emerging as a strategic necessity for MSPs 27 Oct 2025 • , 5 min. read Managed service providers (MSPs) should be in a good place… Read More "How MDR can give MSPs the edge in a competitive market"
A Maryland man has been charged with stealing more than $53m after allegedly hacking the Uranium Finance cryptocurrency exchange twice in 2021 and laundering the proceeds through a crypto mixer. Jonathan Spalletta, 36, appeared in court after surrendering to law… Read More "Maryland Man Charged Over $53m Uranium Finance Crypto Hack"
Here’s what to know about a recent spin on an insider threat – fake North Korean IT workers infiltrating western firms 28 Oct 2025 • , 5 min. read Back in July 2024, cybersecurity vendor KnowBe4 began to observe suspicious… Read More "Can you spot a spy posing as a job seeker?"
