Hackers Exploit ChatGPT, Claude, DeepSeek Brands in Credential Phishing Attacks
Threat actors are increasingly weaponizing the global fascination with large language models and generative AI by impersonating major AI brands ChatGPT, Anth...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1598 — Phishing for Information (Reconnaissance)
Clear filter197 articles found
Attackers exploiting unpatched Cisco SD-WAN flaw
Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has been ...
TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)
This diary continues the Internet Storm Center&#;x26;#;39;s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the ...
How managing digital identities has become critical to agentic AI projects
Teams need identity systems that have access control, the ability to limit and revoke privileges, and auditability.
Guardrails for agents: How to secure AI at runtime
Here's how identity security is becoming the enforcement layer for agentic AI.
Microsoft Warns Claude Code GitHub Action May Expose CI/CD Secrets
Anthropic’s Claude Code GitHub Action could unintentionally expose CI/CD workflow secrets when AI agents process untrusted GitHub content. The risk arises be...
Hackers Exploit 2026 FIFA World Cup With Phishing and Ticket Scams
Cybercriminals are already turning the 2026 FIFA World Cup into a fraud opportunity, using phishing pages, fake online stores, and ticket scams to steal mone...
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impac...
Why writing software has become dangerous today
There’s just more code than ever and developers can’t verify everything – we need to make all that code understandable.
PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network
Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor...
From AI hype to operational reality: A practitioner’s framework for securing agentic systems
Most organizations already have AI governance discussions underway. They have policies, working groups, acceptable-use guidance, and long lists of principles...
AI tools becoming hot commodities on ransomware marketplaces
Sales of AI-based tools is accelerating within underground ransomware marketplaces, lowering the barrier to entry for new actors in the process. An analysis ...
Quarterly WordPress Threat Intelligence Report – Q1 2026
As the industry leader in WordPress security we have access to attack telemetry and vulnerability intelligence that no other security provider can compare to...
FTC considers setting aside or modifying $150 million privacy penalty against X
Twitter, renamed X in 2023, filed a petition saying that the settlement terms are unfair because the order was issued against a company that “no longer exist...
Your AI agent could become your biggest insider threat
New research details how the increasing integration of AI agents into businesses is making it easier than ever for insiders - malicious or otherwise - to put...
How AI and Evasion Demand a Radical Shift in Network Threat Prevention
The Future of Threat Defense Resides at the IP Layer For years, network security operated on a relatively predictable premise: inspect traffic, identify mali...
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with no...
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. The post Chinese Cybercrime Grou...
Infosecurity Europe: Raise Security Concerns with Procurement Now, Because Quantum Can’t Wait
Forescout VP of security intelligence, Rik Ferguson, warns that Q-day is fast approaching
Hole in GitHub’s browser-based VSCode editor could lead to stolen token
A vulnerability in GitHub’s browser-based VSCode editor could lead to the theft of a developer’s token under certain circumstances, says a researcher. The is...