Stock exchange executive’s Outlook mailbox stolen over course of 5 months
The approximately 150-day espionage campaign incrementally exfiltrated emails to cloud services.
SC Media
20 articles
Microsoft Edge retires master password feature, adopts passkeys and biometrics
As of June 4, Microsoft will disable the master password feature in Edge, replacing it with device-based authentication such as Windows Hello, which includes...
Spanish hacker Alcasec sentenced to prison for stealing banking details
Spanish hacker José Luis Huertas, known online as Alcasec, has been sentenced to two years and seven months in prison after accepting a plea deal.
Google rolls out scam call detection for Android
The fake call detection feature works automatically when both the caller and recipient are using the Phone by Google app.
WP Engine adds bot management to Global Edge Security
The new bot management features, integrated with Cloudflare Inc., allow website teams to create and implement rules for blocking or permitting bot traffic ba...
Russia FSB claims foreign intelligence used malware on officials' phones
The FSB stated that the operation exploited the capabilities of unspecified "major international IT corporations" to extract sensitive information from targe...
Unpatched Windows search URI handler issue leaks NTLMv2 hashes
The newly identified issue, similar to a previously patched vulnerability in the Windows Snipping Tool (CVE-2026-33829), resides in the search URI handler.
Acer addresses critical zero-day vulnerabilities in Wave 7 routers
The first vulnerability, CVE-2026-49200, is a broken access control flaw that allows unauthenticated attackers to access plaintext credentials from log archi...
Law enforcement arrests 29 in crackdown on illegal streaming operations
The operation successfully led to the removal of more than 27,000 illegal streaming URLs distributing copyrighted sports, film, and television content.
New HTTP/2 Bomb attack can take down web servers in seconds
Cisco Cloud Control AI defense suite aims to counter Mythos-level threats
Cisco's new Cloud Control suite enables businesses to create AI agents designed to monitor systems and block potential exploitation attempts.
CISA adds Android and Linux kernel flaws to exploited vulnerabilities catalog
The vulnerabilities added are CVE-2022-0492, a Linux kernel improper authentication flaw with a CVSS score of 7.0, and CVE-2025-48595, an Android framework i...
How to Govern AI Agents Using Non-Human Identity Principles
Trump executive order on AI calls for voluntary 30-day review period
Trump AI order proposes a 30-day voluntary review of frontier models before public release.
WeedHack malware campaign targets over 116,000 Minecraft players
The WeedHack malware is distributed through malicious Minecraft-related mods, clients, and utilities promoted via YouTube and search engine poisoning.
MazeBolt launches AI module to simulate novel DDoS attack vectors
The RADAR VectorAI module operates on MazeBolt's existing RADAR platform, continuously simulating DDoS traffic without disrupting services.
AI accelerates development of ransomware toolkit with EDR evasion capabilities
The toolkit, discovered by Sophos, includes features such as Cobalt Strike profiles to disguise beacon traffic, a Telegram bot API for command and control, P...
79% of companies say they're ready to detect AI bots, 23% actually are
Here’s how we can close the AI bot detection gap in a way that works.
Anthropic grants Mythos access to 150 more organizations, plans wider release
Project Glasswing partners discovered more than 10,000 vulnerabilities in its first month.