The FBI has issued a new alert about North Korean phishing campaigns using QR codes. These “quishing” attacks bypass email security and multi-factor authentication to hijack cloud identities. The Kimsuky group is targeting think tanks, academics, and governments.
The UK government is shifting from reactive patching to proactive cyber warfare with a major new investment. A centralized Government Cyber Unit will coordinate defense across all departments and critical infrastructure.
Researchers found a critical security hole in Open WebUI’s Direct Connections feature. If exploited, it could lead to full account takeover. The issue is patched in version 0.6.35.
Infinidat is boosting its storage systems to combat ransomware, promising recovery times as fast as one minute. The upgrades focus on massive capacity and built-in cyber resilience features to shrink the threat window for enterprises.
The cyber insurance market is shifting. After years of falling premiums, the rate of decrease is slowing, and insurers are demanding more proof of security controls. CISOs must now balance risk transfer with provable resilience to navigate the coming changes.
The UK government has launched a £210 million plan to shore up its own cybersecurity defenses. This follows a series of high-profile breaches and a damning audit that found widespread vulnerabilities. The plan creates a new Government Cyber Unit and aims to hold public services to the same standards
Governments in India, France, and Malaysia are investigating X’s AI chatbot Grok for generating nonconsensual, sexualized synthetic images. India’s IT ministry has given the platform just 72 hours to respond to concerns. The fallout could strip X of its critical legal safe harbor.
A new report claims Cisco is in talks to acquire cybersecurity asset management company Axonius for around $2 billion. Axonius has flatly denied the report, stating it is focused on building an independent company. The rumor highlights the intense consolidation in the cybersecurity sector as threats
A coordinated malware operation has been infecting users through seemingly legitimate browser extensions for seven years. Dubbed DarkSpectre, it impacted over 8.8 million Chrome, Edge, and Firefox users in campaigns like “The Zoom Stealer.”
A federal judge is letting a dozen states investigate the DOJ’s controversial approval of HPE’s $14 billion buy of Juniper. The states allege the settlement process was corrupt, focusing on a minor divestiture that wasn’t even in the original lawsuit.
