The increasing sophistication of generative AI tools, such as ChatGPT’s image generation capabilities, enables fraudsters to create realistic counterfeit documents, posing significant risks to the retail industry.
View full story…

The hacking group Slow Pisces, linked to North Korea, is exploiting social engineering tactics on LinkedIn to steal sensitive data from cryptocurrency developers by posing as recruiters and distributing malicious code.
View full story…

UK financial services firms are increasingly focusing on compliance with cybersecurity regulations, driven by complex cyber risks and the upcoming implementation of stringent frameworks like DORA and new FCA rules, while facing external threats and a skills gap in cybersecurity expertise.
View full story…

A comprehensive security service is essential for safeguarding websites from various cyber attacks, including malware, phishing, and DDoS attacks, by implementing strong passwords, keeping software updated, and utilizing HTTPS.
View full story…

A high-severity authentication bypass vulnerability, tracked as CVE-2025-3102, has been found in the OttoKit plugin for WordPress, allowing unauthorized users to create administrative accounts and potentially take over affected websites.
View full story…

The CAB Forum, supported by major industry players like Apple and Google, has announced a significant reduction in the validity period for publicly trusted SSL/TLS certificates, decreasing from 398 days to 47 days by March 15, 2029, to enhance online security and certificate management.
View full story…

North Korean hackers, operating under government direction, are infiltrating major corporations by posing as legitimate remote workers, primarily targeting the tech sector and engaging in financial fraud, intellectual property theft, and extortion campaigns.
View full story…

Organizations increasingly face significant cybersecurity challenges due to their reliance on third-party vendors, with many lacking effective risk management programs and oversight.
View full story…

ResolverRAT is a sophisticated remote access Trojan that exploits phishing tactics to infiltrate healthcare and pharmaceutical organizations worldwide, utilizing advanced evasion techniques and a complex infection process.
View full story…

The US Department of Justice has initiated a Data Security Program aimed at safeguarding government-related data and personal information from foreign adversaries, particularly China, Russia, and Iran, in response to national security threats.
View full story…

Prodaft, a Swiss cybersecurity firm, has launched the SYS initiative to purchase verified dark web accounts, enhancing law enforcement’s visibility into cybercrime networks while providing a safe exit for individuals involved in illicit activities.
View full story…

The revocation of Christopher Krebs’ security clearance by President Trump, following his defense of the 2020 election’s integrity, raises concerns about potential political motivations and implications for national security and the cybersecurity industry.
View full story…

Website security is essential for safeguarding data and user information from various online threats, including web shell attacks, SQL injection, and Cross-Site Scripting (XSS).
View full story…