Threat actors are increasingly targeting unpatched public-facing applications and utilizing web shells and remote access tools to gain initial access, marking a significant shift in attack tactics.
Recent vulnerabilities in China’s DeepSeek AI model, including susceptibility to jailbreaking tactics and potential reliance on OpenAI’s technology, raise significant ethical and legal concerns regarding AI security and data integrity.
Operation Talent, led by Germany’s BKA and supported by international partners, successfully shut down the prominent cybercrime forums Cracked.io and Nulled.to, seizing critical infrastructure and arresting key individuals involved in the illegal activities.
Security researchers have identified a novel attack method called “browser syncjacking,” which allows malicious browser extensions to take complete control of a user’s browser and device with minimal user interaction by exploiting permissions typically granted to extensions.
Chinese generative AI platform DeepSeek suffered a significant security breach due to an exposed backend database, leaking sensitive information including user chat histories and API keys to the internet.
New York Blood Center Enterprises is facing significant service disruptions due to a ransomware attack, exacerbating existing blood supply shortages and prompting urgent calls for donations.
