The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...
Cyber Defense Magazine

The New AI Arsenal: Why LLMs and Transformers Matter for CISOs

As Chief Information Security Officers (CISOs) and security leaders, you are tasked with safeguarding your organization in an era where generative AI and ...

U.S. military contractor likely built iPhone hacking tools used by Russian spies in Ukraine

Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China.

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers say exploits used by governments to hack into Apple iPhones have been found used by cybercriminals. They ...
Nextgov

Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says

Verify has described the activity as the “first known mass iOS attack” campaign of its kind. Google said fragments of the exploit first appeared last February, with ties to an unnamed “customer of a ...
The Hacker News

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

ThreatsDay: OAuth abuse, Signal hijacks, Zombie ZIP evasion, Teams malware, AI hack, RondoDox botnet, and more cyber stories.
Deadline.com

‘Interview’ Hack, Clinton Scandals, “WTF” Email To Brad Pitt & More Analyzed In New Book Co-Written By Ex-Sony CEO Michael Lynton

Michael Lynton, former CEO of Sony Pictures Entertainment, says the nightmarish 2014 hack of the studio’s computer systems can be traced directly to his childhood yearning to “fit in with the cool ...
Couriermail

Australian intelligence official sentenced to seven years in prison in US for selling hacking and surveillance tools

The US Justice Department said Peter Williams received an 87-month prison term, followed by three years of supervised release with special conditions. He was convicted of selling eight trade secrets.

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.
eWeek

Block's AI Layoffs Hint at a New Corporate Playbook

They explore how automation, AI, and integrated platforms are helping finance teams tackle today’s biggest challenges, from ...