NCSC outlines national cyber shield plans using frontier AI
The NCSC's Cyber Shield initiative is a response to the escalating scale, speed, and sophistication of cyber threats, particularly from state-sponsored actor...
The NCSC's Cyber Shield initiative is a response to the escalating scale, speed, and sophistication of cyber threats, particularly from state-sponsored actor...
GodDamn ransomware uses the signed PoisonX driver to disable security tools, marking a more advanced version of the Beast ransomware family. Symantec’s Threa...
Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive pro...
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational platform. This blog analyzes how...
A foreign, financially motivated group was responsible for a cyberattack on state-owned forestry company Latvijas Valsts Mezi (LVM), officials said.
A targeted GodDamn ransomware incident shows the payload is not entirely new but the latest rebrand of a long-running family. Analysis reveals strong code ov...
Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part ...
Hackers accessed the institution’s internal network and deleted two drives containing employee, student, and university data. The post Mount Royal University...
A recent technical analysis of an Everest ransomware encryptor reveals a purpose-built, ConfuserEx-protected .NET 4.
A 15-year-old boy asked a chatbot for help - and cancelled nearly 47,000 anime streaming subscriptions in under four hours. Meanwhile, researchers have docum...
The CIRCIA rule mandates that critical infrastructure entities report substantial cyber incidents within 72 hours and ransomware payments within 24 hours.
TeamPCP’s wide-scale supply-chain compromises have materially fueled VECT ransomware operations by supplying a vast archive of stolen CI/CD credentials, resh...
The Gentlemen ransomware underscores a challenge many CISOs face: stopping attackers after they gain an initial foothold. Researchers say the malware can spr...
The CSE's annual report details three foreign "active cyber operations" targeting threats to Canadian national security.
Washington state's chief information security officer, Ralph Johnson, announced his departure from his role in September.
A ransomware-as-a-service gang, an online foreign extremist group and drug traffickers were separately the targets of offensive operations in 2025, according...
The AI agent didn’t accomplish every step in the late June 2026 attack, but it allowed the threat actor to significantly reduce complexity, speed up the temp...
The incident, detailed in a case study by Ransom-ISAC, involved Kairos gaining access to a U.S.
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt.
Gentlemen, a Go-based ransomware-as-a-service (RaaS) active since mid-2025, has distinguished itself with a potent combination of modern cryptography, aggres...