A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI and Mistral, according to Cato Networks.

To defend “target rich, resource poor” critical infrastructure from cyberattacks, the U.S. must expand its patchwork volunteer system, a new report concludes. 

Unit 221B’s Allison Nixon said crackdowns have effectively shown the group that their actions carry real consequences.

Research shows that AI-generated code is remarkably insecure. Yet experts tell CyberScoop it's up to industry to figure out a way to limit the issues the technology…

Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.

The domino effect of CVE disruption is something all cybersecurity practitioners must be aware of, a Morphisec executive argues.

The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

Google Threat Intelligence Group said it developed means to counter the activity, which it linked to APT41.

Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands’ national police force in September 2024, Microsoft researchers…

The company has addressed zero-day vulnerabilities for eight consecutive months without deeming any of them critical at the time of disclosure.