Tag: intelligence
-
Google says 90 zero-days were exploited in attacks last year
Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-says-90-zero-days-were-exploited-in-attacks-last-year/
-
Google uncovers Coruna iOS Exploit Kit targeting iOS 1317.2.1
Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 1317.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also known as CryptoWaters) that targets Apple iPhones running iOS versions 13.0 through 17.2.1. The kit…
-
What to Expect from Iran’s Digital Counterstrike
Tags: attack, breach, cloud, communications, cyber, cyberattack, cybersecurity, data, defense, espionage, exploit, extortion, finance, government, group, hacking, infrastructure, intelligence, international, iran, leak, middle-east, military, network, ransomware, risk, risk-assessment, service, tool, update, vulnerability, wormAfter the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber? Iran has a formidable offensive cybersecurity capability and is considered one of the four most aggressive…
-
Intelligence Compromised: Data Abyss Report Details China’s Exploitation of U.S. IARPA Research
The post Intelligence Compromised: Data Abyss Report Details China’s Exploitation of U.S. IARPA Research appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/intelligence-compromised-data-abyss-report-details-chinas-exploitation-of-u-s-iarpa-research/
-
Why AI, Zero Trust, and modern security require deep visibility
Tags: ai, cyber, cybersecurity, data, detection, incident response, intelligence, soc, strategy, threat, tool, zero-trust72% of organizations say NAV is essential for proactive threat hunting and reactive incident response69% say a NAV solution is vital to their threat detection and incident response processThis isn’t about adding more gadgets to the SOC. It’s about strengthening the foundation that the SOC stands on.When visibility is weak, every advanced capability becomes unstable:AI…
-
The 10-hour problem: How visibility gaps are burning out the SOC
An alert firesThe context is partialThe data is dispersedThe logs are incompleteThe analyst starts correlating manually This is the invisible cost of poor visibility.Every alert becomes a puzzle, and analysts become professional puzzle-solvers. But puzzles don’t scale. Not when attacks move faster than your reconstruction speed.The hidden cost of insufficient NAVThe Forrester study shows that…
-
US Says Cyber Operations Underpinned Assault on Iran
Separately, Iran Tied to IP Camera Hacks for Targeting and Battle Damage Assessment. U.S. military cyber operations underpinned the first part of the country’s joint strike with Israel against Iran on Saturday. Since then, experts see signs of at least low-level cyber operations to support intelligence-gathering for kinetic attack targeting. First seen on govinfosecurity.com Jump…
-
Iranian-U.S./Israeli Hostilities Lead to Increased Threat Landscape
Tags: attack, credentials, cyber, data-breach, disinformation, espionage, exploit, intelligence, iran, phishing, risk, theft, threatOverview Iranian”‘aligned cyber actors pose an elevated near”‘term risk due to their history of espionage, credential theft, disruptive attacks, and high”‘visibility “hacktivist” and disinformation operations, often targeting U.S. and allied interests through phishing, exploitation of exposed systems, and social manipulation. Given the current active hostilities between Iran and the U.S./Israeli-led coalition, threat intelligence indicates activity”¦…
-
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
Originally published on the Hacker News here. A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-ctem-divide-why-84-of-security-programs-are-falling-behind/
-
Iranian cyberattacks fail to materialize but threat remains acute
Tags: ai, application-security, attack, ceo, control, country, cyber, cyberattack, cybercrime, cybersecurity, defense, endpoint, finance, government, group, healthcare, infrastructure, intelligence, Internet, iran, malware, mfa, monitoring, phishing, risk, service, supply-chain, technology, threat, tool, update, vpnTargeting and response: According to Adrian Cheek, a senior cybercrime researcher at Canadian threat intelligence company Flare, the most at-risk sectors are critical infrastructure, including the defense and government supply chain, financial services, energy, and healthcare.”Water, energy, and healthcare sectors are currently the most exposed. These sectors combine high targeting priority with weak baseline security,…
-
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 1317.2.1
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1.The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS. The…
-
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog
Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerabilityMar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
-
Anthropic AI ultimatums and IP theft: The unspoken risk
Tags: ai, ceo, china, ciso, data, data-breach, defense, google, government, intelligence, monitoring, network, openai, risk, service, theft, toolChina’s extraction campaign: A targeting operation, not a curiosity: Anthropic’s disclosure that three China”‘based AI companies (DeepSeek, Moonshot AI, and MiniMax) ran more than 16 million interactions through roughly 24,000 fraudulent accounts is not a story about model misuse. It is a story about targeting. These campaigns went straight at Claude’s most sensitive capabilities: agentic…
-
The Worm Turns When the Hunter Becomes the Hunted Mass Surveillance and the Weaponization of the Data We Voluntarily Create
Explore how advancements in surveillance infrastructure and the democratization of intelligence have transformed espionage. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-worm-turns-when-the-hunter-becomes-the-hunted-mass-surveillance-and-the-weaponization-of-the-data-we-voluntarily-create/
-
Thousands of iPhones Compromised in Massive Hack via Coruna Exploit Kit with 23 Vulnerabilities
Security researchers from the Google Threat Intelligence Group (GTIG) have uncovered >>Coruna,<< a highly sophisticated iOS exploit kit responsible for compromising thousands of iPhones. Targeting iOS versions 13.0 through 17.2.1, the framework contains five complete exploit chains leveraging a staggering 23 vulnerabilities. What began as a tool for a commercial surveillance vendor in early 2025…
-
Can effective AI security make IT teams feel relieved
How Can Non-Human Identities Revolutionize AI Security? Have you ever considered the role machine identities play in AI security? Where artificial intelligence is becoming integral to numerous sectors, securing these non-human identities (NHIs) is critical. NHIs, essentially machine identities, form the backbone of AI security, representing encrypted passwords, tokens, or keys that act as unique……
-
The ‘Six-Day’ Security Week: AI Adoption Ignites Leadership Crisis
Enterprise security teams are sprinting toward an artificial intelligence (AI)-driven future, but the breakneck pace of adoption is pushing leadership to a breaking point. According to Seemplicity’s 2026 State of the Cybersecurity Workforce Report, released Tuesday, the industry is witnessing a >>system failure<< where rapid technological integration is outpacing human capacity and governance. The data..…
-
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks.The new findings come from Team Cymru, which detected its use following an analysis of the IP address (“212.11.64[.]250”) that was used by the suspected First seen on…
-
Zenity Details Perplexity AI Browser Vulnerability
Zenity, a provider of a platform for securing artificial intelligence (AI) applications and agents, today detailed how a zero-click attack could be launched against the Comet AI browser developed by Perplexity. Company CTO Michael Bargury said the attack vector, dubbed PerplexedComet, enables a malicious attacker to control content in a way that can be used..…
-
Fortinet FortiGate Devices Targeted by CyberStrikeAI, Allowing Hackers to Bypass Security
Threat intelligence researchers at Team Cymru have uncovered an open-source AI-powered offensive security tool called CyberStrikeAI, actively used to target Fortinet FortiGate devices at scale, with its developer carrying suspected ties to China’s Ministry of State Security (MSS).”‹ CyberStrikeAI is an AI-native security testing platform written in Go, developed by a GitHub user named Ed1s0nZ.…
-
Epic Fury introduces new layer of enterprise risk
Tags: access, apt, attack, business, cisa, ciso, communications, country, credentials, cyber, cybersecurity, data-breach, disinformation, exploit, group, infrastructure, intelligence, international, Internet, iran, malware, middle-east, network, ransomware, resilience, risk, rust, service, software, technology, tool, ukrainePhysical attacks on US-linked locations through direct action or partner groups. We are already seeing Iranian missile launches into a variety of nations in the region.Cyber operations that include disruptive activity, targeted intrusions, credential and access harvesting, destructive malware deployment, and the use of compromised infrastructure to support broader influence or operational objectives.Proxy networks across…
-
7 factors impacting the cyber skills gap
Tags: ai, attack, automation, breach, business, ciso, control, cyber, cybercrime, cybersecurity, data, defense, detection, group, incident response, intelligence, jobs, risk, service, skills, strategy, technology, threat, tool, training, vulnerability2. Emerging technologies: New technologies, particularly AI, are contributing to a cyber landscape that’s evolving so quickly it’s hard for even highly skilled cybersecurity professionals to pace, says Dan Lohrmann, CISO at enterprise strategy and consulting firm Presidio.AI-driven threats keep moving the target, allowing cybercriminals to attack with unprecedented levels of speed and agility, Lohrmann…
-
How does AI contribute to cybersecurity stability
Is AI the Key to Cybersecurity Stability? Where digital threats are becoming increasingly sophisticated, one might ask: can artificial intelligence be the linchpin in fortifying our defenses and achieving cybersecurity stability? With industries like financial services, healthcare, travel, and technology double down on using innovative systems, including DevOps and security operations centers (SOC), it becomes……
-
The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing
Brett Leatherman is running the bureau’s most public cyber campaign yet, pushing basic security hygiene while quietly preparing industry for stepped-up Chinese threats. First seen on cyberscoop.com Jump to article: cyberscoop.com/brett-leatherman-fbi-cyber-priorities-winter-shield/
-
2nd March Threat Intelligence Report
Wynn Resorts, a United States-based casino and hotel operator, has confirmed that employee data was accessed following an extortion threat linked to ShinyHunters. The company said operations were not disrupted. Reports indicate […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/2nd-march-threat-intelligence-report/
-
Criminal IP to Present Decision-Ready Threat Intelligence at RSAC 2026
Torrance, United States / California, 2nd March 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/criminal-ip-to-present-decision-ready-threat-intelligence-at-rsac-2026/
-
How can you be reassured about your AI’s security integrity
Is Your AI Security Integrity Robust Enough? Where artificial intelligence is increasingly utilized across diverse sectors, the question of AI security integrity often comes to the forefront. When organizations integrate AI into their operations, ensuring safety and security becomes paramount. This is where the management of Non-Human Identities (NHIs) and secret security management plays a……
-
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control.”Our vulnerability lives in the core system itself no plugins, no marketplace, no user-installed extensions just the bare OpenClaw gateway, running exactly as documented,” Oasis…
-
Hackers Exploit Windows File Explorer and WebDAV to Distribute Malware
Cybersecurity researchers at Cofense Intelligence have uncovered an ongoing campaign where threat actors abuse Windows File Explorer to distribute malware. By exploiting the legacy WebDAV protocol, attackers are tricking victims into downloading Remote Access Trojans (RATs) while bypassing traditional web browser security controls and some Endpoint Detection and Response (EDR) systems.”‹ WebDAV Exploit WebDAV (Web-based…