Advanced Persistent Threat (APT) stories
Public agencies risk ransomware within seconds as attackers exploit identities, cloud tools and virtualisation layers, Google warns.
Sensitive physics and engineering research at US and Canadian universities may have been exposed after hackers used Roundcube flaws to enter mail servers.
Rising Mac adoption has left many security teams short of Apple-specific expertise, prompting Jamf to add dedicated threat hunting and investigations.
Almost half of ransomware victims discovered breaches only after data theft, underscoring how attackers are evading detection for weeks.
The scam network's fake texts may have reached millions of Android users, with authorities linking it to major card theft and losses.
Healthcare providers face a new malware route as Varist's engine scans DICOM, HL7 and FHIR files for hidden threats in imaging systems.
A near-decade of undetected access raises fresh concern after investigators found the group had hidden in a disconnected network since 2016.
BlueVoyant says a ClickFix malware campaign using fake browser updates is linked to the Rapid Brigantine ransomware ecosystem.
Older, internet-facing IIS servers are being singled out by China-linked hackers, with one new cluster able to persist despite partial containment.
Nearly 100 organisations were hit in a six-week phishing spree that used GitHub repositories and Visual Studio Code tools to infect developers.
CrowdStrike said state-backed espionage and extortion are surging as AI assets inside tech groups draw hackers seeking code, models and access.
Businesses in Europe and Africa now face localised phishing and malware attacks from a suspected China-aligned group that has widened beyond Asia.
The report says Chinese threat groups are now tracking oil, reconstruction and strategic technologies across Venezuela, Syria, South Korea and the Gulf.
European ministries face a stealthier cyber-espionage campaign as Webworm shifts to Discord and Microsoft cloud tools to steal data.
Repeat breaches exposed an Azerbaijani oil and gas operator to espionage as FamousSparrow exploited Microsoft Exchange flaws for two months.
AI is now being used to write exploits and malware, with Google saying it has traced the first zero-day linked to machine assistance.
Security teams face a broader threat as criminals and state-backed actors use generative AI to speed hacks, phishing and malware.
Quantum theft could expose sensitive records years from now, turning today's encrypted files into a board-level liability for Kiwi firms.
The strain's self-checking code and file-wiping routine could make recovery harder for victims while giving investigators a rare attribution clue.
Attackers are now moving fast enough that patching delays, standing privilege and inherited trust leave organisations exposed within minutes.