AI-driven malware has emerged sooner than anticipated, with the first identified ransomware using AI for local tasks now found. ESET reports that the AI-powered ransomware is currently just a proof-of-concept and still in progress, but it seems to have all the features of traditional ransomware. Dubbed PromptLock, the malware is …
Read More »Salt Typhoon To Exploit Cisco, Palo Alto, Ivanti Flaws to Breach 600 Org Globally
The China-linked APT group Salt Typhoon is still attacking networks globally, focusing on telecommunications, government, transportation, hospitality, and military sectors. “While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised devices and trusted …
Read More »Breaking the Passkey: SquareX Discloses Major Passkey Vulnerability at DEF CON 33
It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over 15 billion accounts …
Read More »Why SIEM Rules Fail and How to Fix: Insights from 160M Attack Simulations
SIEM systems are essential for detecting suspicious activity in enterprise networks, enabling real-time responses to potential attacks. However, the Picus Blue Report 2025 indicates that organizations only detect 1 in 7 simulated attacks from over 160 million simulations, highlighting a serious gap in threat detection and response. Many organizations think …
Read More »By 2033, Microsoft to Make All Products Quantum Safe
Microsoft will introduce quantum-safe solutions in its products by 2029 and plans for full implementation by 2033. This is two years before the 2035 deadline for fully transitioning to post-quantum cryptography (PQC) set by various governments worldwide. The updated timeline is now part of the Microsoft Quantum Safe Program (QSP), …
Read More »SafeLine: A Free Zero Trust Web Application Firewall for 2026
SafeLine gained remarkable popularity on GitHub in 2025, boasting 17.5k stars—making it the highest starred WAF project of the year. Its adoption is extensive, with more than 400,000 instances deployed worldwide, spanning enterprises, educational institutions, government agencies, and hobbyists. Developed by Chaitin Tech, SafeLine is designed as a next-generation web …
Read More »Copilot Breaks Your Audit Log, but Microsoft Won’t Tell the customer
A significant security vulnerability has been discovered in Microsoft’s Copilot for M365 that allowed users, including potential malicious insiders, to access and interact with sensitive files without leaving any record in the official audit logs. After patching the flaw, Microsoft has reportedly decided against issuing a formal CVE or notifying …
Read More »
Spotlight: Asia, Europe and USA
Crypto24 To Bypass EDR, Including Trend Micro’s Vision One platform
Researchers have identified a new Crypto24 ransomware campaign, which they describe as a “dangerous evolution” in cybersecurity threats. According to Trend Micro researchers, recent attacks by Crypto24 actors display a combination of advanced evasion techniques and custom tools that can disable EDR solutions — including Trend Micro’s own Vision One …
Read More »HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools
HexStrike AI, a new tool, aims to connect large language models (LLMs) with practical cybersecurity operations.The latest release, v6.0, provides AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with over 150 advanced security tools for independent penetration testing, vulnerability research, and bug bounty automation. This advanced framework serves …
Read More »Google Confirms Data Breach: Notifying Affected Users
Google confirmed that a recent data breach in one of its Salesforce CRM systems exposed information about potential Google Ads customers. “We’re writing to let you know about an event that affected a limited set of data in one of Google’s corporate Salesforce instances used to communicate with prospective Ads …
Read More »
InfoSecBulletin Cybersecurity for mankind