20+ hour, 19+ min ago  (596+ words) Senior Technical Sales Engineer, Nozomi Networks The UK is making its most significant overhaul of cybersecurity regulations in nearly a decade, and operational technology (OT) asset owners are watching closely. Introduced in November 2025, the Cyber Security and Resilience Bill (CSRB)…...

1+ day, 2+ hour ago  (637+ words) A credential theft campaign that targeted C-suite executives and senior personnel at major global organizations from November 2025 to March 2026 has been uncovered by researchers at Abnormal. "They have detailed a previously undocumented phishing-as-a-service (PhaaS) platform called Venom that served as…...

16+ hour, 14+ min ago  (558+ words) Investments in AI security products continued at pace in March 2026, as security vendors continue to focus on AI, while AI vendors have made moves to bring additional security expertise in-house through mergers and acquisitions. Major deals included OpenAI's acquisition of…...

1+ day, 21+ hour ago  (449+ words) The vast majority (80%) of critical national infrastructure (CNI) providers in the UK face downtime costs of between "100,000 ($132,144) and "5m ($6.6m) from cyber-attacks that disrupt their operational technology (OT), according to e2e-assure. The SOC-as-a-service provider polled 250 cybersecurity decision makers in CNI sectors including…...

1+ day, 16+ hour ago  (448+ words) A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses GitHub as command and control (C2) infrastructure. The campaign relies on scripting, encoded payloads and legitimate Windows tools to maintain…...

2+ day, 19+ hour ago  (667+ words) Emerging Trends Working Group Member, ISACA Clawdbot's popularity has been meteoric, racking up more than 140,000 stars and 20,000 forks on its Github repository. However, its renaming to Moltbot suggested significant security issues, such as the trifecta of access to private data,…...

3+ day, 2+ hour ago  (453+ words) Threat actors have targeted an open source maintainer to hijack one of the most popular npm packages and spread remote access Trojans (RATs). Axios is a JavaScript library downloaded over 100 million times a week'and used as a dependency in countless…...

3+ day, 17+ hour ago  (528+ words) A security vulnerability in ChatGPT executed with a single malicious prompt could be exploited to covertly exfiltrate sensitive data from prompts and messages. The security issue, which enabled data exfiltration and remote code execution, was discovered by cybersecurity researchers at…...

4+ day, 15+ hour ago  (252+ words) A wave of tax-themed cyber campaigns delivering malware, remote access tools, fraud schemes and credential phishing has been detected in early 2026. Proofpoint researchers identified more than a hundred such operations, highlighting'how attackers continue to exploit the pressures and expectations tied…...

3+ day, 21+ hour ago  (320+ words) A .NET-based infostealer sold as part of a commercial cybercrime toolkit that bundles a stealer, crypter and remote access tool (RAT) under subscription tiers has been detailed further by cybersecurity researchers. The malware, known as Phantom Stealer, collects browser credentials,…...