145 AI laws passed in 2025 and privacy teams aren’t catching a break
145 AI-related laws were enacted by state legislatures in 2025, and more than 1,000 additional bills were introduced or revised, according to DataGrail’s Pri...
Transportation
20 articles
Press Release: CSO30 ASEAN & Hong Kong Awards 2026 open for nominations
>The CSO30 ASEAN & Hong Kong Awards return in 2026, as an important moment to recognise the cybersecurity leaders and teams who are making resilience measura...
Unidentified RAT pushes NetSupport RAT, (Mon, Jun 1st)
Introduction
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17.
Exploit Code Published for Critical Flowise RCE Vulnerability
The one-click vulnerability allows attackers to execute arbitrary code on self-hosted Flowise servers by tricking users into importing a malicious chatflow. ...
Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys
Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just f...
Botnet of 17 Million Devices Dismantled in the Netherlands
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet...
Botnet of 17 Million Devices Dismantled in the Netherlands
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet...
SideCopy Deploys Persistent XenoRAT Against Afghanistan Finance Ministry
Pakistan-linked threat actor SideCopy has launched a highly targeted spear-phishing campaign against Afghanistan’s Ministry of Finance (MoF). The operation s...
Malicious npm packages abuse dependency confusion to profile developer environments
A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details...
Wordfence Bug Bounty Program Monthly Report – March 2026
In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve...
DNS-AID will make AI agents easier to discover, says Linux Foundation
As AI agents become more numerous and more communicative, keeping track of where to find them is becoming increasingly important. Numerous proprietary agent ...
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS...
Dutch govt disrupts malware botnet with 17 million infected devices
Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation...
Dutch police disrupts botnet composed of 17 million devices
The Dutch National Police and the country’s National Cyber Security Center (NCSC) have taken offline 200 servers controlling a botnet of 17 million devices, ...
GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations
Threat actors are increasingly turning to generative AI tools such as ChatGPT and Google Gemini to accelerate cyberattack operations, lowering technical barr...
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wir...
Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over
From a research-driven pilot, the Cybersecurity Communities of Support (CyCOS) is about to be handed over to CIISec
Cybersecurity trends in SEC filings
In 2023, the Securities and Exchange Commission (SEC) required public companies to include a new section in their 10-K annual filings that is devoted to cybe...
Police arrest man following hack of Ajax football club
Dutch police have arrested a 35-year-old man suspected of hacking into the computer systems of Amsterdam football giant Ajax, after the personal data of hund...