Latest Intelligence
Vulnerability Detection Tops Agentic AI at RSAC's Startup Competition
The article discusses the emergence of agentic-native startups that could potentially transform the zero-day vulnerability landscape into a more immediate zero-hour issue. While these AI agents may enhance offensive cyber capabilities, they also raise concerns about the acceleration of cyber attacks.
Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits
Google has reached a $1.375 billion settlement with the state of Texas regarding lawsuits related to the tracking of location, private browsing, and biometric data collection. This settlement underscores the growing scrutiny over privacy practices in the tech industry and the legal implications of data collection methods.
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
Cybercriminals are shifting their focus from high-value targets to overlooked infrastructure, such as outdated software and unpatched IoT devices, which have become launchpads for cyberattacks. This change in strategy highlights the importance of securing all aspects of digital infrastructure to prevent exploitation.
437,000 Impacted by Ascension Health Data Breach
Ascension Health has reported a data breach affecting over 437,000 individuals, which has been officially communicated to the HHS. This incident underscores significant concerns regarding data security in healthcare organizations.
Update to How CISA Shares Cyber-Related Alerts and Notifications
CISA has updated its approach to sharing cybersecurity alerts and notifications, effective May 12. Announcements will now be made via social media, email, and RSS feeds, with the Cybersecurity Alerts & Advisories webpage focusing solely on urgent threats and major cyber activities.
Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks
Two vulnerabilities in ASUS's DriverHub software allow for remote code execution, posing significant risks to users. This highlights the importance of addressing security flaws in pre-installed software to protect against potential attacks.
US Deportation Airline GlobalX Confirms Hack
Global Crossing Airlines, also known as GlobalX, is currently investigating a cybersecurity incident following a hack by Anonymous hackers. This incident raises significant concerns regarding the security of airline systems involved in deportation operations.
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
The article discusses the significant issue of exposed credentials that remain valid for extended periods even after detection, as highlighted by GitGuardian's 2025 report. This persistent problem poses a growing risk for organizations, as unaddressed credentials can lead to increased vulnerabilities and potential attacks.
German Authorities Take Down Crypto Swapping Service eXch
German authorities have taken down the crypto-swapping service eXch, which was involved in laundering approximately $1.9 billion in fraudulent assets. This operation highlights the ongoing efforts to combat cryptocurrency-related crime and enforce regulations in the financial sector.
How can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2)
The article discusses the rapid spread of disinformation online and emphasizes the importance of combating this issue in our digital landscape. It highlights the challenges posed by false information and the need for effective strategies to address it.
US Announces Botnet Takedown, Charges Against Russian Administrators
The US has successfully disrupted Anyproxy and 5socks, two websites providing proxy services via a botnet, as part of a law enforcement operation targeting Russian administrators. This action highlights ongoing efforts to combat cybercrime and the use of botnets for malicious activities.
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Threat actors are using fake AI-powered tools to lure users into downloading Noodlophile malware, an information stealer. This method, which leverages convincing AI-themed platforms advertised through Facebook and social media, marks a shift from traditional phishing techniques.
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google has agreed to a $1.375 billion settlement with Texas over lawsuits alleging unauthorized tracking of users' location and facial recognition data collection without consent. This settlement highlights ongoing privacy concerns and regulatory scrutiny faced by major tech companies regarding user data handling.
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
Germany's Federal Criminal Police Office has shut down the eXch cryptocurrency exchange due to allegations of money laundering, seizing €34 million in crypto assets and 8 terabytes of data. This operation highlights the ongoing efforts to combat illegal activities in the cryptocurrency sector.
Rapid7 Launches Managed Detection & Response (MDR) for Enterprise
Rapid7 has launched a Managed Detection and Response (MDR) service tailored for enterprise needs, aiming to enhance cybersecurity posture through proactive threat detection and response. This service is significant as it addresses the growing demand for advanced security solutions in an increasingly complex threat landscape.