When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto... Read more »

Apiiro introduced Apiiro AI SAST, a new approach to static application security testing (SAST) that automates code risk detection, validation and fixes with the precision and cognitive process of... Read more »

AppGate announced the launch of Agentic AI Core Protection, a new capability within AppGate ZTNA designed to secure AI workloads deployed in enterprise core environments across on-prem and cloud... Read more »

Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted... Read more »

Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device... Read more »

Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructure... Read more »

ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as... Read more »

Concentric AI announced expanded Private Scan Manager functionality in its Semantic Intelligence data security governance platform. Customers now have the ability to deploy Semantic Intelligence within their own private... Read more »

Push Security announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users... Read more »