Bryson Bort, founder of SCYTHE, discusses the rise of ransomware gangs and why supply chain security is becoming increasingly critical. His military background gives him unique insight into modern cyber threats.
Brazil is facing a massive banking trojan outbreak targeting WhatsApp desktop users. The malware self-replicates through contact lists and specifically checks if victims are in Brazil before attacking. Hundreds of organizations have already been infected.
The world’s most valuable AI companies are leaving their digital front doors wide open. According to new research, sensitive credentials that could expose private models and training data are sitting in plain sight on GitHub. This represents a fundamental security breakdown in an industry racing ahe
Google has released an emergency Chrome security update addressing CVE-2025-13042, a critical V8 engine vulnerability. The patch impacts all 3.5 billion Chrome users across Android, Linux, Mac, and Windows. Users need to manually check for updates and restart their browsers immediately.
The UK government is introducing legislation that would allow regulators to levy massive fines on companies that fail to meet cybersecurity requirements. The new rules target critical infrastructure sectors and require 24-hour breach reporting. Companies could face penalties up to 4% of annual turno
Microsoft’s November Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day and a critical remote code execution bug. The update is significantly smaller than October’s record 175 CVEs but contains several high-priority fixes that demand immediate attention from securi
America’s cyber defense agency has issued an urgent warning to Samsung smartphone users. A critical vulnerability in Android’s image processing has been exploited to install commercial-grade spyware. Federal agencies must patch within 21 days – and everyone else should too.
A new side-channel attack called Whisper Leak can infer the topics of your encrypted AI conversations by analyzing network patterns. While some providers have implemented fixes, others including Anthropic, AWS, and Google remain vulnerable. The attack poses particular risks for users in oppressive r
Organizations are fixing critical vulnerabilities faster than ever, with 89% resolved within 30 days compared to 75% last year. But high-severity issues have jumped nearly 20% as AI helps attackers weaponize flaws more quickly. The pressure on security teams continues to mount despite process improv
Attackers now move through networks in minutes while defenders take days to verify threats. This speed asymmetry is making traditional security models obsolete. The solution might be shifting to continuous response systems.
