X is requiring all users with hardware security keys to re-enroll them by November 10. This mandatory update affects YubiKeys and passkeys, but not authenticator apps. Failure to comply could lock users out of their accounts.
Palo Alto Networks has unveiled Cortex AgentiX, a platform for building and governing AI agents in cybersecurity. The move signals a strategic push toward autonomous security operations and addresses the industry’s manual investigation challenges.
Businesses worldwide are confronting a surge in AI-generated fake expense receipts. Detection systems are flagging millions in fraudulent claims as generative AI tools create convincing forgeries effortlessly.
The popular security service Have I Been Pwned has integrated a massive new dataset containing 183 million unique email addresses from a recent breach. The data originates from Synthient’s threat intelligence platform and primarily stems from infostealer malware infections. This addition brings the service’s total coverage to over 15.3 billion compromised accounts across 916 websites.
Have I Been Pwned, the go-to resource for checking compromised accounts, just got significantly more comprehensive. According to recent updates, the service founded by security expert Troy Hunt has added a staggering 183 million unique email addresses to its database. This represents one of the larger single additions to the platform in recent memory, sourced from what analysts are describing as a major aggregation of threat data.
Social engineering attacks powered by artificial intelligence are driving unprecedented financial losses, with the FBI reporting $16.6 billion in cybercrime damages last year. Voice cloning technology now makes synthetic calls indistinguishable from genuine ones, enabling sophisticated vishing scams that bypass traditional security measures.
Cybercriminals are weaponizing artificial intelligence to scale social engineering attacks with frightening efficiency, according to recent industry analyses. The FBI’s 2024 Internet Crime Report reveals the staggering impact: $16.6 billion in losses from nearly 860,000 complaints, representing a 33% surge from the previous year. What’s particularly alarming security experts is how phishing and spoofing dominated the crime landscape with over 193,000 incidents.
Staff reductions at the Cybersecurity and Infrastructure Security Agency come at what analysts describe as the worst possible moment for national security. With cyberattacks surging 40% globally this year and AI supercharging threat capabilities, sources indicate the agency’s diminished capacity creates dangerous gaps in cross-sector defense coordination.
The recent staff reductions at the Cybersecurity and Infrastructure Security Agency have reportedly landed at what industry observers describe as a critical juncture for national digital security. According to analysis from cybersecurity professionals familiar with the situation, CISA functions as the central nervous system connecting government, industry, and critical infrastructure in a shared defense network. When that coordination weakens, organizations depending on timely threat intelligence become incrementally more exposed.
Recent cyberattacks against manufacturers like Jaguar Land Rover and Masimo demonstrate how digital threats have evolved from IT problems to full-scale operational crises. With one manufacturer experiencing a five-week production halt, industry experts warn that lean manufacturing operations face existential risks from inadequate cybersecurity. The shift requires manufacturers to treat cyber resilience as a core business priority rather than just a compliance checkbox.
These days, manufacturing disruptions aren’t coming from mechanical failures or faulty equipment. According to industry analysis, factories are increasingly grinding to a halt because of cyber incidents that target the very systems keeping production lines moving.
Cyberattacks against federal employees have nearly doubled since the government shutdown began October 1, according to security researchers. The crisis exposes critical vulnerabilities in national security infrastructure as financially stressed workers become prime targets for sophisticated phishing campaigns.
Federal cybersecurity defenses are facing their most severe test in recent memory as the government shutdown enters its fourth week. According to analysis from security firm Media Trust, cyberattacks against government agencies have surged by 85% since October 1, with researchers projecting a staggering 555 million attacks by month’s end.
Security researchers are reporting a sophisticated phishing campaign targeting LastPass users with fake death certificate notifications. The attacks leverage the password manager’s legitimate Emergency Access feature to create convincing social engineering scenarios. According to analysis, threat actors are using fake login pages and voice phishing to steal master passwords and stored passkeys.
Security researchers are sounding the alarm about an unusually sophisticated phishing campaign that’s targeting LastPass users with a particularly clever twist: fake death certificate notifications. According to reports from Bleeping Computer, attackers are weaponizing the password manager’s legitimate “Emergency Access” feature to create convincing social engineering scenarios.
Losses from authorized push payment fraud in the UK climbed 12% year-over-year to reach £257.5 million in the first half of 2025, according to new industry data. Investment scams drove the increase with a staggering 55% jump in losses, while romance fraud saw a 35% surge. The findings highlight growing challenges in combating sophisticated social engineering tactics.
British consumers are falling victim to increasingly sophisticated investment scams at an alarming rate, with new industry data revealing a 55% surge in losses from these schemes. According to analysis from UK Finance, the financial services trade association, investment fraud accounted for £97.7 million in losses during the first half of 2025 alone.
