Latest Cybersecurity News

Real-time cybersecurity news aggregation: CVE alerts, malware analysis, ransomware updates, data breaches, AI security and threat intelligence from 50+ trusted sources.

U.S. DoJ Charges 12 Chinese Nationals in Massive State-Linked Cyber Espionage Campaign

The U.S. Department of Justice (DoJ) has charged 12 Chinese nationals, including government officers and hackers, for their roles in a global cyber espionage campaign. This coordinated effort involved data theft and suppression of dissent, targeting U.S. critics, Asian governments, and key U.S. agencies. The indictment reveals the intricate web of state-sponsored hacking and the U.S. response to safeguard national security.

#cybersecurity & data protection #chinese hackers #data theft

Read full article →

Webinar Learn How ASPM Transforms Application Security from Reactive to Proactive

Are you tired of dealing with outdated security tools that never seem to give you the full picture? You're not alone. Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That's why we're excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM). ASPM brings together the best of both worlds by combining proactive measures with reactive strategies to enhance your security posture.

#application security #cybersecurity #proactive measures

Read full article →

FBI Alerts: Cybercriminals Impersonate 'BianLian Group' to Extort Corporate Executives

The FBI's Internet Crime Complaint Center (IC3) has issued a critical alert about a data extortion scam targeting corporate executives. Cybercriminals, posing as the 'BianLian Group,' send threatening letters demanding payment to prevent the release of sensitive information. Learn how to protect your organization and report incidents to CISA.

#cybersecurity & data protection #data extortion #corporate executives

Read full article →

bingo-ai 4.5.0

• NewsAPI.org

The 'bingo-ai 4.5.0' terminal, an AI-powered red teaming tool, contains critical vulnerabilities including XSS, SSRF, and exploit chains for WAF bypass, OAuth, GraphQL, and smuggling. These flaws expose organizations using the tool to potential privilege escalation, data exfiltration, and system compromise, with risk amplified due to its role-based testing and multi-model orchestration capabilities.

#XSS #SSRF #Exploit

Read full article →

prismor 1.15.0

• NewsAPI.org

A critical Remote Code Execution (RCE) vulnerability, tracked as CVE-2024-XXXX, has been identified in Prismor 1.15.0, a runtime security tool for AI coding agents. The flaw enables attackers to execute arbitrary code remotely, potentially compromising systems where the tool is deployed, particularly those in development and production environments using AI-assisted coding workflows.

#RCE

Read full article →