WannaCry, the ransomware attack that changed the history of cybersecurity
WannaCry showed how unpatched flaws and leaked cyber tools can cripple global systems, reshaping cybersecurity defenses worldwide. In memory of the day the d...
Defense
20 articles
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It co...
Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits
Google says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale.
Poland's intelligence agency thwarts cyberattacks on water treatment plants
Poland's Internal Security Agency reported thwarting multiple sabotage attempts, potentially linked to Russian intelligence services, against military facili...
Python Infostealer Hides in GitHub Releases to Bypass Detection
A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low‑visibility access to victim systems. Th...
AI security is repeating endpoint security’s biggest mistake
The security industry is experiencing déjà vu, and most teams haven’t recognized it yet. If you were in the trenches during the early 2000s, you remember the...
Windows CreateFileW API Flaw Could Let Attackers Lock SMB Files at Scale
The multi-billion-dollar ransomware defence industry operates on a fundamental assumption: to cause catastrophic operational damage, malicious actors must wr...
ODINI Malware Uses CPU Magnetic Signals to Exfiltrate Data from Air-Gapped Systems
Air-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However,...
US military data exposed in leaky directory despite CISA notification
The exposed data, belonging to US government contractor CMI Management Inc., was found via an open directory listing vulnerability following a tip to Cybernews.
Fragmented DDoS campaign bypasses defenses with novel 'low and slow' approach
The attack, identified by DataDome's Galileo threat research team, utilized a vast infrastructure, distributing traffic across over 1.2 million unique IP add...
Boost Security acquires 2 startups, raises $4 million for AI defense platform
Boost Security has acquired SecureIQx, an MIT-founded startup specializing in software composition analysis reachability, and Korbit Technologies, an AI-driv...
AI, Cyberwarfare, and Autonomous Weapons: Inside America’s New Military Strategy
The Pentagon is integrating AI into military operations, transforming cybersecurity, targeting, and command systems into a unified warfare architecture. May ...
New Infostealer Campaign Abuses GitHub Releases to Hide Malware Payloads
A new cyberespionage campaign that abuses GitHub Releases and a PE-less Python implant to steal data from targeted Windows systems quietly. The operation com...
New infosec products of the week: May 8, 2026
Here’s a look at the most interesting products from the past week LastPass, Operant AI, Sysdig, and VIAVI.
A New Era of Security: Frontier AI Defense
Palo Alto Networks introduces Frontier AI Defense to counter autonomous AI cyber threats. Get continuous protection and autonomous remediation against machin...
Boost Security Raises $4 Million for SDLC Defense Platform
The company is expanding its platform’s capabilities with the acquisition of SecureIQx and Korbit.ai.
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as Apri...
A DOD contractor’s API flaw exposed military course data and service member records
Researchers say Schemata’s platform exposed names, emails, base assignments, and course materials before the company patched the issue and contacted governme...
Iranian state-backed spies pose as ransomware slingers in false flag attacks
An Iranian state-sponsored espionage group is pretending to be a regular ransomware gang in a new wave of ransomware attacks targeting enterprises. APT group...
ClickFix campaign uses fake macOS utilities lures to deliver infostealers
Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands. This campaign evades traditional de...