A recent malvertising campaign has been exposed, where threat actors take over social media pages, rebranding them as popular AI photo editors and posting malicious links to fake websites.

The caller ID spoofing service, which was established in 2021, is believed to have caused financial losses in the tens of millions and had around 170,000 victims in Britain.

A security audit sponsored by the Open Tech Fund in August 2023 revealed 25 vulnerabilities in Homebrew. The audit found issues that could have allowed attackers to execute code, modify builds, control CI/CD workflows, and access sensitive data.

Access to timely and accurate threat intelligence is essential for organizations, but it can be overwhelming to navigate the vast amount of available data and feeds. Balancing comprehensive information with relevance is crucial.

Google Chrome has implemented app-bound encryption to enhance cookie protection on Windows and defend against infostealer malware. This new feature encrypts data tied to app identity, similar to macOS’s Keychain, to prevent unauthorized access.

Credo AI, a startup specializing in artificial intelligence governance software, recently closed a $21 million Series B funding round led by CrimsoNox Capital, Mozilla Ventures, and FPV Ventures.

The FortiGuard Labs team has discovered a malicious PyPI package that poses a significant risk to individuals and institutions by potentially leaking credentials and sensitive information.

A cyberespionage group known as XDSpy targeted Russia and Moldova with new malware. The group sent phishing emails to Russian targets, including a tech company and an organization in Transnistria.

The Senate Armed Services Committee has approved Michael Sulmeyer, the Army’s top digital adviser, as the inaugural assistant secretary of defense for cyber policy, paving the way for his nomination to the Senate floor for a vote.