News

The Hacker News1d

Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure

HexStrike AI, according to its website, is pitched as an AI‑driven security platform to automate reconnaissance and ...
Forbes3mon

What 200,000 Leaked Messages Reveal About The Future Of Ransomware - Forbes

What practical steps should security leaders take to bolster their defenses against the next wave of ransomware attacks?
Wired10mon

Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its ...

Sophos' analysts tie that exploit development to an academic institute and a contractor, both around Chengdu: Sichuan Silence Information Technology—a firm previously tied by Meta to Chinese ...
CSOonline8mon

Gen AI is transforming vulnerability hunting for pen-testers and ...

Even generating new variations of existing exploits to bypass detection signatures in firewalls and intrusion prevention systems is a notable development, as many organizations don’t deploy ...
Infosecurity-magazine.com1mon

LLMs Fall Short in Vulnerability Discovery and Exploitation

This is according to new research by Forescout Research – Vedere Labs, which tested 50 current AI models from commercial, open source and underground sources to evaluate their ability to perform ...
CSOonline6mon

Chinese cyber espionage growing across all industry sectors

New and expanding China-backed threat groups are pushing a broader cyber strategy, likely with eventual reunification with Taiwan in mind, CrowdStrike security researchers say.
CRN1y

5 Big Things To Know From CrowdStrike’s 2024 Threat Report

“Not in malware code writing or exploit development. But it’s been more like, ‘Write a script to extract all the Entra IDs from a Microsoft Azure cloud tenant,’” he said.
VentureBeat5mon

Cisco Warns: Fine-tuning turns LLMs into threat vectors | VentureBeat

These tools are plug-and-play for phishing, exploit development, credit card validation and obfuscation.