Infrastructure Attacks With Physical Consequences Down 25%
Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers’ relative ignorance of OT systems.
Google Sets 2029 Deadline for Quantum-Safe Cryptography
The post-quantum future may be coming sooner than you think, as Google plans to have PQC migration in place by 2029.
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware. “TikTok has been historically…
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction: One tech power to rule them all is a thing of the past The relative safety, peace and prosperity that much of the world has…
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. “Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon…
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of
DarkSword iOS Exploit Chain
What is the Attack? Researchers from Google Threat Intelligence Group identified DarkSword, a sophisticated full-chain iOS exploit framework actively used by multiple surveillance vendors and suspected state-sponsored actors. Observed since at least November 2025, the exploit has been deployed in targeted campaigns across Saudi Arabia, Turkey, Malaysia, and Ukraine, enabling silent compromise of iOS devices…
Is the FCC’s Router Ban the Wrong Fix?
The agency put foreign-made consumer routers on its list of prohibited communications devices, but the ban could create more problems down the road.
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
More than a decade since the 2015 Jeep hack, the cybersecurity of vehicles remains of the utmost importance.
Critical Flaw in Langflow AI Platform Under Attack
Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.