Qualcomm has addressed 17 vulnerabilities, including three critical ones, and warned about actively exploited zero-day vulnerabilities in their components, urging OEMs to promptly deploy patches.
View full story…

Global spending on security and risk management is projected to reach $215 billion in 2024, driven by factors such as the adoption of cloud technology, the rise of hybrid workforces, the use of generative AI, and the evolving regulatory environment.
View full story…

Russian hacktivist groups, such as KillNet and NoName, are carrying out DoS and DDoS attacks against public and private organizations in Ukraine and NATO member countries, with the goal of drawing attention to their political cause and escalating the conflict.
View full story…

The National Security Agency (NSA) has created an AI Security Center to ensure the secure integration of AI technology into U.S. security infrastructure, collaborating with industry, academia, and international partners to defend against cyberattacks.
View full story…

Over half of cybersecurity professionals report a rise in cyber-attacks, primarily due to a lack of human resources, while organizations face a global workforce shortfall of 3.4 million in cybersecurity, highlighting the urgent need for proactive measures to strengthen defenses and address the skills gap.
View full story…

The Chartered Institute of Information Security (CIISec) has received funding from the UK government to triple the number of students enrolled in its CyberEPQ programme, aiming to attract a more diverse range of talent into the cybersecurity industry and incorporate advancements in artificial intelligence, quantum computing, and blockchain.
View full story…

Industry experts express concerns over potential misuse of disclosed vulnerabilities by governments for intelligence or surveillance purposes in the EU’s Cyber Resilience Act.
View full story…

The FBI issues a warning about the increasing use of dual ransomware attacks and custom data theft tools by cybercriminals, posing significant harm to compromised systems and organizations.
View full story…

ESET researchers have discovered LightlessCan, a new backdoor malware used by the state-sponsored threat group Lazarus Group for cyber espionage purposes, highlighting their evolving capabilities and the ongoing threat they pose.
View full story…

Over half of IT decision makers identify data theft as their biggest concern, surpassing ransomware attacks, according to a survey conducted by Integrity 360.
View full story…

Zscaler ThreatLabz has discovered a new fileless loader malware called BunnyLoader, which is being actively developed and poses a challenge for experts due to its fileless execution.
View full story…

A recent report by Noname Security reveals that 74% of organizations have experienced at least three API-related data breaches in the past two years, highlighting the increasing number of API security incidents and the need for proactive measures to mitigate risks.
View full story…

PCI DSS v4.0 is being developed to combat cybercrime and enhance payment information security, with a focus on authentication, encryption, monitoring requirements, and testing of critical controls.
View full story…

Zanubis is a sophisticated Android banking trojan that disguises itself as legitimate apps, gains full control over devices, and poses a significant threat to financial and cryptocurrency users in Peru.
View full story…