After Pahalgam Attack, Hacktivists Unite Under #OpIndia

Security experts warn of an “AI vulnerability storm” triggered by the introduction of Anthropic’s Claude Mythos in a new paper from the Cloud Security Alliance (CSA).

As part of the latest “season” of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets. Operation Endgame, first launched in May 2024, is an ongoing law enforcement operation targeting services and infrastructures assisting in or directly providing initial…

Proof-of-concept exploit code is publicly available for two other flaws in this month’s Patch Tuesday. In total, the company issued patches for more than 1,150 flaws this year.

Security budgets are lowest in healthcare, professional and business services, retail, and hospitality, but budget growth remained above 5% in financial services, insurance, and tech.

Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to breach organizations’ Salesforce instances for large-scale data theft and subsequent extortion. The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with

Another adversary picks up the email bombing / vishing Storm-1811 playbook, doing thorough reconnaissance to target specific employees with fake help desk call—this time, over the phone.