WASHINGTON, D.C. — The U.S. Department of Justice (DoJ) has charged a Yemeni national with orchestrating a global ransomware campaign that compromised roughly 1,500 computer systems, including critical infrastructure in the United States. Rami Khaled Ahmed, 36, of Sana’a, Yemen, faces federal charges including conspiracy, intentional damage to a protected computer, and threatening to damage […]
COBB COUNTY, Ga. — A cybersecurity breach in Cobb County has escalated after hackers released sensitive data stolen during a ransomware attack in March. According to a Georgia-based cybersecurity expert, the attackers are now demanding a ransom, giving the county until Friday to pay up. Initially, Cobb County officials downplayed the incident, describing it as […]
New reports have found serious security risks in several popular AI systems. These risks could allow hackers to bypass safety features in AI tools, leading to the creation of harmful or illegal content. One of these risks, called Inception, works by asking the AI to imagine a fake scenario. Once the AI is in this […]
In 2024, Google found that hackers were able to use 75 serious security flaws in software before they were fixed. These flaws are known as zero-days because they are discovered and used by hackers before the company has a chance to fix them. While the number of zero-days was lower than in 2023 (98 flaws), […]
Cybersecurity company SentinelOne has revealed that a group of hackers linked to the Chinese government tried to break into its systems and gather information about the company and some of its most important customers. The hacker group, called PurpleHaze, first caught SentinelOne’s attention in 2024 during an incident involving a company that handled equipment for […]
Enterprise data backup provider Commvault has confirmed that a nation-state threat actor exploited a zero-day vulnerability—CVE-2025-3928—to breach its Microsoft Azure environment. However, the company stressed that there is no evidence of any unauthorized access to customer backup data. “This activity impacted a small number of customers that we share with Microsoft,” Commvault stated in an […]
A year after introducing passkey support for consumer accounts, Microsoft is taking a major step toward a passwordless future by setting passkeys as the default sign-in method for all new accounts. “From now on, brand-new Microsoft accounts will be passwordless by default,” announced Microsoft executives Joy Chik and Vasu Jakkal. “New users will have multiple […]
A new supply chain attack targeting budget Android smartphones has been uncovered, involving pre-installed, trojanized versions of WhatsApp and Telegram designed to hijack cryptocurrency transactions. According to cybersecurity researchers at Russian antivirus firm Doctor Web, the campaign—active since June 2024—involves Chinese-manufactured Android devices shipped with malicious apps disguised as popular messengers, containing crypto-clipping malware to […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security vulnerability affecting SonicWall Secure Mobile Access (SMA) 100 Series devices to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaw, tracked as CVE-2021-20035 and carrying a CVSS score of 7.2, is a high-severity command injection vulnerability. It allows remote, […]
Browser extensions have become an integral part of employees’ daily workflows—ranging from spell checkers to AI productivity tools. However, a new report from LayerX highlights a growing blind spot in enterprise security: the vast majority of these extensions come with excessive permissions that could expose sensitive organizational data. Released today, the Enterprise Browser Extension Security […]