The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.

CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion.

Some attackers, which researchers link to The Com, have swatted company executives to increase leverage and pressure victims to pay their ransom demands.

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

The program comes as the tech industry races to secure software before similar AI-powered offensive capabilities become too much for defenders to handle.

Leaders from various cybersecurity institutions were quick to defend and evangelize the administration’s strategic pivots in cyberspace.

The company says it will integrate Koi’s technology into its security offerings to improve visibility into AI-driven activity on workplace devices.

Palo Alto Network’s incident response firm said identity-based attacks are exploding as poor security controls stretch across a widening mosaic of integrated tools and systems.

Ransomware negotiators dish on being in a ‘moral gray zone,’ unrestricted by accountability or industrywide rules of engagement.

Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE…