Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts The Hacker [email protected] (The Hacker News)
August 1, 2025

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. "The …


New ‘Shade BIOS’ Technique Beats Every Kind of Security darkreadingNate Nelson, Contributing Writer
August 1, 2025

What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it? What if malware didn't require an operating system to function? How would …


ISC2 Launches New Security Certificate for AI Expertise darkreadingEdge Editors
August 1, 2025

ISC2 is launching a 6-course certification program to address the growing demand for AI security expertise. Courses cover topics such as AI fundamentals, ethics, and risks. ISC2 is launching a 6-course …


AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown The Hacker [email protected] (The Hacker News)
August 1, 2025

Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and …


SIEMs: Dying a Slow Death or Poised for AI Rebirth? darkreadingRob Wright
August 1, 2025

The SIEM market is at a pivotal point as XDR platforms and generative AI shake up the security analytics space. The SIEM market is at a pivotal point as XDR platforms …


You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them The Hacker [email protected] (The Hacker News)
August 1, 2025

Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the …


Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks The Hacker [email protected] (The Hacker News)
August 1, 2025

The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) …


ISC Stormcast For Friday, August 1st, 2025 https://isc.sans.edu/podcastdetail/9552, (Fri, Aug 1st) SANS Internet Storm Center, InfoCON: green
July 31, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


CISA Releases Free Thorium Malware Analysis Tool darkreadingDark Reading Staff
July 31, 2025

Thorium enhances cybersecurity teams' defense capabilities by seamlessly integrating commercial, open-source, and custom tools used to analyze malware. Thorium enhances cybersecurity teams' defense capabilities by seamlessly integrating commercial, open-source, and custom …


Gen Z Falls for Scams 2x More Than Older Generations darkreadingNate Nelson, Contributing Writer
July 31, 2025

Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel …