New ‘Shade BIOS’ Technique Beats Every Kind of Security
What if malware didn’t require an operating system to function? How would anyone possibly notice, let alone disable it?
-
-
ISC2 Launches New Security Certificate for AI Expertise
ISC2 is launching a 6-course certification program to address the growing demand for AI security expertise. Courses cover topics such as AI fundamentals, ethics, and risks.
-
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced license validation and registry optimization utilities for high-performance Node.js applications.” It was uploaded to npm by a user named “Kodane” on July 28, 2025. The
-
SIEMs: Dying a Slow Death or Poised for AI Rebirth?
The SIEM market is at a pivotal point as XDR platforms and generative AI shake up the security analytics space.
-
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them The junk food problem in cybersecurity Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS…
-
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and…
-
CISA Releases Free Thorium Malware Analysis Tool
Thorium enhances cybersecurity teams’ defense capabilities by seamlessly integrating commercial, open-source, and custom tools used to analyze malware.
-
Gen Z Falls for Scams 2x More Than Older Generations
Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt.
-
DragonForce Ransom Cartel Profits Off Rivals’ Demise
The fall of RansomHub led to a major consolidation of the ransomware ecosystem last quarter, which was a boon for the DragonForce and Qilin gangs.
-
SafePay Claims Ingram Micro Breach, Sets Ransom Deadline
The ransomware gang claims to have stolen 3.5TB of data, and told the technology distributor to pay up or suffer a data breach.