Amateurish ‘CosmicBeetle’ Ransomware Stings SMBs in Turkey
With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.
Wiz Launches Wiz Code Application Security Tool
Wiz Code identifies and flags cloud risks in code to help improve collaboration between security and development teams.
India Needs Better Cybersecurity for Space, Critical Infrastructure
As attacks on satellites rise with nation-state conflicts, the South Asian nation joins other space-capable countries in doubling down on cybersecurity.
‘Trial’ DDoS Attacks on French Sites Portend Greater Olympics Threats
Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors?
Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers
The American Hospital Association and Health-ISAC issued a joint threat bulletin warning healthcare IT providers that their ransomware plans need to consider third-party risk.
‘0.0.0.0 Day’ Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk
Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.
Startup Spotlight: Knostic Tackles AI’s Oversharing Problem
Cybersecurity startup Knostic, a finalists in this year’s Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data does not get leaked.
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.
US Data Breach Victim Numbers Increase by 1,000%, Literally
Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.
Iranian Cyber Threat Group Drops New Backdoor, ‘BugSleep’
The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear phishing and legitimate remote management tools but is developing a brand-new homegrown toolset.



