Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

The New Turing Test: How Threats Use Geometry to Prove 'Humanness'

Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer , offering attackers a way to push malware to downstream customers, inject arbitrary code, and ...
The Hacker News

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.
Ars Technica

AI can rewrite open source code—but can it rewrite the license, too?

Computer engineers and programmers have long relied on reverse engineering as a way to copy the functionality of a computer program without copying that program’s copyright-protected code directly.
SecurityWeek

OpenAI Rolls Out Codex Security Vulnerability Scanner

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month.