Search the Portal

Similar pledges to fight scam networks were made by members of the Association of Southeast Asian Nations in the months leading up to the Bangkok conference. The post Thailand Conference Launches International Initiative to Fight Online Scams appeared first on SecurityWeek.

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses belonging to government

Other noteworthy stories that might have slipped under the radar: Trump could use private firms for cyber offensive, China threat to US power grid, RaccoonO365 suspect arrested in Nigeria. The post In Other News: Docker AI Attack, Google Sues Chinese Cybercriminals, Coupang Hacked by Employee appeared first on SecurityWeek.

The agreement strengthens technical and commercial ties as Palo Alto migrates workloads and adopts Google’s Vertex AI and Gemini models. The post Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal appeared first on SecurityWeek.

Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a new version of a modular and stealthy loader known as CountLoader. The campaign "uses CountLoader as the initial tool in a multistage attack for access, evasion, and delivery of additional malware families," Cyderes Howler Cell Threat Intelligence

The startup’s solution captures, verifies, and governs all AI interactions within an enterprise’s environment. The post AI Security Firm Ciphero Emerges From Stealth With $2.5 Million in Funding appeared first on SecurityWeek.

The Trump administration has pursued a staggering range of policy pivots this past year that threaten to weaken the nation’s ability and willingness to address a broad spectrum of technology challenges, from cybersecurity and privacy to countering disinformation, fraud and corruption. These shifts, along with the president’s efforts to restrict free speech and freedom of the press, have come at such a rapid clip that many readers probably aren’t even aware of them all.

Danish intelligence service said the attacks were part of Russia’s “hybrid war” against the West and an attempt to create instability. The post Denmark Blames Russia for Cyberattacks Ahead of Elections and on Water Utility appeared first on SecurityWeek.

The hacking group has been using Group Policy to deploy cyberespionage tools on governmental networks. The post Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments appeared first on SecurityWeek.

Millions of developers can now use the secure, production-ready images made by Docker. The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek.

The exchange has been allegedly involved in laundering money for ransomware groups and other transnational cybercriminal organizations. The post US Shuts Down Crypto Exchange E-Note, Charges Russian Administrator appeared first on SecurityWeek.

Downloaded from a code library, the information pertains to current and former staff and affiliates, and to alumni and students. The post University of Sydney Data Breach Affects 27,000 Individuals appeared first on SecurityWeek.

Linked to the Aisuru IoT botnet, Kimwolf was seen launching over 1.7 billion DDoS attack commands and increasing its C&C domain’s popularity. The post ‘Kimwolf’ Android Botnet Ensnares 1.8 Million Devices appeared first on SecurityWeek.

WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks. Tracked as CVE-2025-14733 (CVSS score: 9.3), the vulnerability has been described as a case of out-of-bounds write affecting the iked process that could allow a remote unauthenticated attacker to execute arbitrary code. "This vulnerability affects both the

Authorities in Nigeria have announced the arrest of three "high-profile internet fraud suspects" who are alleged to have been involved in phishing attacks targeting major corporations, including the main developer behind the RaccoonO365 phishing-as-a-service (PhaaS) scheme. The Nigeria Police Force National Cybercrime Centre (NPF–NCCC) said investigations conducted in collaboration with