Cybersecurity Archives

Binary code depicted in waves. (iStock/Getty Images)

Shai-Hulud worm returns stronger and more automated than ever before

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours.

19 hours ago By Matt Kapko

New research finds that Claude breaks bad if you teach it to cheat

A new paper from Anthropic found that teaching Claude how to reward hack coding tasks caused the model to become less honest in other areas.

20 hours ago By Derek B. Johnson

This campaign aims to tackle persistent security myths in favor of better advice

Hacklore.org includes the launch of a website and a letter signed by more than 80 cybersecurity professionals.

1 day ago By Tim Starks

Salesloft confirmed the impact is much more severe and widespread. (imageBROKER/Timon Schneider/Alamy)

When trust turns toxic: Lessons from the Salesloft Drift incident

The recent Salesloft Drift breach offered a sobering reminder of how easily trust can be weaponized in today’s SaaS and AI-integrated environments. In this incident, hackers exploited…

1 day ago By Art Poghosyan

A photo-illustration of computer code fading into a digital representation of a human head. — (Yuichiro Chino/Getty Images)

The slow rise of SBOMs meets the rapid advance of AI

Despite years of effort to make software safer and more transparent with SBOMs, the rise of AI coding assistants is fueling optimism—and, some experts argue, “kind of…

1 day ago By Cynthia Brumfield

Legacy web forms are the weakest link in government data security

Outdated government web forms are placing millions of citizens at risk as sensitive information is collected and transmitted through insecure, non-compliant systems.

4 days ago By Frank Balonis

The SolarWinds Corp. logo is seen at the headquarters in Austin, Texas on April 15, 2021 in Austin, Texas. (Photo by SUZANNE CORDEIRO/AFP via Getty Images)

SEC drops case against SolarWinds tied to monumental breach

The Securities and Exchange Commission on Thursday dropped its case against SolarWinds and its chief information security officer over its handling of an alleged Russian cyberespionage campaign…

5 days ago By Tim Starks

Salesforce Tower in San Francisco on June 28, 2019. (Jessica Christian/San Francisco Chronicle via Getty Images)

Hundreds of Salesforce customers hit by yet another third-party vendor breach

The widespread compromise is strikingly similar to a previous attack that originated at Salesloft Drift.

5 days ago By Matt Kapko

Safe Mode

How Visa’s CISO turns a ‘paranoid and pessimisitic mindset’ into positive security outcomes

Visa CISO Subra Kumaraswamy joins Safe Mode to discuss the global scale and complexities of cybersecurity at Visa, from managing a billion transactions daily to maintaining a…

5 days ago By CyberScoop Staff

Anna Gomez, commissioner of the Federal Communications Commission (FCC), at the FCC headquarters in Washington, D.C. on July 22, 2025. (Photo by Valerie Plesch/For The Washington Post via Getty Images)

Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon

Commissioner Gomez told CyberScoop the agency is poised to eliminate “the only meaningful regulatory response to Salt Typhoon that I have seen.”

5 days ago By Derek B. Johnson