New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate ...
CoinDesk

Kelp DAO claims LayerZero’s 'default' settings are what actually caused the massive $290 million disaster

The liquid restaking protocol said the compromised verifier was LayerZero's own infrastructure, and the setup it was faulted ...

Why Anthropic’s Mythos is sparking global alarm

The tech company said the model is too powerful to release to the public. Read more at straitstimes.com. Read more at ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
Chiang Rai Times

Cybersecurity Best Practices for Protecting Your Digital Assets in Thailand

Thailand businesses face over 3,200 cyberattacks each week. That’s 164% higher than the global average. Plus, the country leads Southeast Asia in ransomware, with more than 109,000 cases reported. You ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

With AI, cyberattacks come fast; it’s time firms patch faster

Discover how AI accelerates cyberattacks and why firms need to improve their patching strategies to mitigate escalating risks ...

Iran expands limited internet access but restrictions remain for most

Iranian authorities have been slowly expanding a list of individuals and entities deemed eligible to have limited internet ...
HealthcareInfoSecurity

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Autonomous SOC agents now shipping can rewrite firewall rules and modify IAM policies — outpacing the governance frameworks ...
AMBCrypto

KelpDAO blames LayerZero as $294 mln hack: ‘Kelp’s own systems were not involved’

Facing the biggest hack of 2026, KelpDao—a liquid staking protocol—has now blamed LayerZero [ZRO] as the main culprit behind ...