Threat intelligence stories - Page 2

Microsoft warns that 10 to 15 EvilToken phishing runs are launched daily, compromising hundreds of organisations through OAuth token abuse.

Qualys says attackers are exploiting flaws before disclosure as remediation backlogs swell, with edge devices facing the highest risk.

TrendAI urges stronger AI governance as it shifts cybersecurity from fear-based selling to platformised risk reduction for Australian firms.

Qualys study says attackers are exploiting flaws before patches exist, as manual remediation lags and edge systems emerge as the highest risk.

Permiso launches SandyClaw sandbox to detonate AI agent skills and expose hidden runtime risks before they reach enterprise systems.

China-linked TA416 returns to spying on European diplomats and later expands attacks to Middle Eastern government targets after Iran conflict.

Attackers abuse trusted tools, remote support software and stolen SSO sessions to breach systems, ReliaQuest says.

Cloud security specialists say organisations must rethink defences as control plane exposure, swelling telemetry and fragmented tools create fresh risks.

Zscaler says Xloader malware has added layered encryption, decoy servers and new obfuscation tricks to hinder analysts.

ReliaQuest flags DeepLoad malware stealing live credentials in enterprise networks, with AI-style obfuscation, USB spread and hidden WMI persistence.

Experts warn firms must improve visibility and backup resilience as automated ransomware campaigns and hidden SaaS and AI assets widen exposure.

Bitdefender offers free 45-day internal security check to spot over-entitled staff access as attackers increasingly abuse trusted tools.

Eventus Security's AI-led platform earns four Global InfoSec honours at RSAC as the firm's managed detection and response offering gains fresh momentum.

CrowdStrike and HCLTech deepen cybersecurity tie-up with a service to spot, prioritise and fix threats across cloud, identity and endpoints.

SonicWall says small firms are being hit hardest by basic security lapses as ransomware, bot traffic and identity theft keep climbing.

Eventus Security's AI-led platform earns four honours for managed detection, SOC and security services, underscoring its growing global reach.

Commvault adds Hyper Threat Hunting and Deep Inspection to Cloud Threat Scan, linking backup scanning with verified clean recovery after cyber attacks.

AI security tools are only as smart as the data they see, and network telemetry is emerging as the missing piece in hybrid cloud oversight.

Resemble AI unveils free Chrome extension and X bot as chief executive officer Zohaib Ahmed warns synthetic media risks are widening across businesses.

Rapid7 says China-linked Red Menshen has planted dormant “sleeper cells” inside global telecoms networks to quietly maintain long-term access.