CrowdStrike, a leading cybersecurity firm, has uncovered a phishing campaign that uses its own branding to distribute cryptocurrency-mining malware.

The cyber threat group known as Cloud Atlas, also referred to as Clean Ursa, Inception, Oxygen, and Red October, has been observed using a newly identified malware called VBCloud in its recent attack campaigns.

The rapid adoption of generative AI (GenAI) has prompted a seismic shift in how organizations approach application security. A report by Cycode reveals that 72% of security leaders agree a complete reset of strategies is essential to address the challenges posed by AI.

The total value of cryptocurrency theft rose by 21% in 2024 compared to the previous year, though it remains significantly lower than the staggering $3.7 billion stolen in 2022.

The FBI has issued a Private Industry Notification (PIN) regarding new malware campaigns targeting Chinese-branded webcams and DVRs, using a remote access trojan (RAT) called HiatusRAT.

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their Microsoft cloud environments.

Cybersecurity researcher Jeremiah Fowler uncovered an unprotected database belonging to Care1, a Canadian provider of AI-driven software solutions for optometrists.