Aura’s 900,000-record breach: when a marketing platform becomes a phishing time bomb
Aura says a vishing trick on a 2021-acquired marketing server exposed 900,000 contacts—no SSNs, but plenty of ammo for future scams.
Cybersecurity
Your Phone Number Is the Master Key—And Crooks Just Copied It
SIM-swap fraud surged 1,000% in a year—your phone number is now the master key to bank and crypto accounts.
Steam’s Indie Trojan: FBI Says These Seven Games Came With Free Malware
FBI: seven Steam indies hid password-stealing malware. Uninstall, nuke your creds, and move on.
Your Brand Has a Doppelganger on Social Media. Your SOC Doesn't Know It Yet.
AI-made fake social profiles now outrun domain phishing. Cisco’s new add-on folds social takedowns into the same console that already blocks email spoofs.
AI-Built Malware Is Cheap, Lazy, and Still Sneaking Past Enterprise Defenses
AI-built malware favors speed over craft, yet 14% still bypass scanners. HP says isolation, not smarter detection, broke the chain.
Phishers Found a Cheaper Weapon Than Malware: Your SOC’s Inbox
Phishers weaponize your own security awareness: cheap spam floods SOCs, burying real threats under hours of busywork.
HHS Arms Hospitals With Cyber Risk Tool: Treating Hackers Like Hurricanes
HHS introduces a free RISC 2.0 Cybersecurity Module to help hospitals assess digital threats alongside natural disasters, aligning with NIST and recent cyberattacks.
UNC4899’s Cloud Heist: How AirDrop and Kubernetes Became Tools for Crypto Theft
North Korean hackers UNC4899 exploited AirDrop and Kubernetes to steal millions from a crypto firm. Google outlines defense strategies against cloud breaches.
Quantum Proofing the Nation: How the New Cyber Strategy Battles Tomorrow’s Threats Today
As quantum computers threaten encryption, the U.S. National Cyber Strategy outlines six pillars for quantum readiness and AI security. With 88% of AI models vulnerable to jailbreaking, the race to secure critical infrastructure accelerates.
AI Unearths 22 Firefox Flaws in Two Weeks, But Exploits Remain Costly to Craft
Anthropic's AI identified 22 Firefox vulnerabilities in two weeks, but exploit generation remained limited despite $4,000 in API costs. Mozilla validated AI-assisted security as a new tool.
Microsoft's Cybersecurity Bet: Why Women's Career Continuity Beats One-Off Diversity Pushes
Microsoft's cybersecurity strategy prioritizes women's career continuity to address the 24% female workforce gap, focusing on sustained development over one-time diversity initiatives.
MuddyWater's Cyber Infiltration: Iranian APT Expands into U.S. and Israeli Networks Amid Geopolitical Tensions
An Iranian state-sponsored hacking group has expanded its cyberwar operations into U.S. and Israeli networks amid rising regional tensions.