Threat actors stories - Page 3

F5 Labs launches monthly AI security leaderboards, ranking popular models on new indices of risk, resilience and cost under live attack.

Ransomware cases dipped 17% in January, but NCC warns the threat remains high as Qilin targets critical sectors and tactics evolve.

ShinyHunters shifts to subdomain-brand phishing and vishing on mobiles, bypassing domain checks to hijack SSO logins and SaaS sessions.

Russian-run Diesel Vortex phishing service raided freight and logistics portals in the US and Europe, stealing over 1,600 login credentials.

AI-fuelled hackers can now spread across corporate networks in as little as four minutes, outpacing human defenders by hours.

Global cyber attacks hit 2,090 a week in January as ransomware surges and risky GenAI use exposes fresh data-leak and intrusion paths.

Hijacked Google Ads accounts are serving bogus installers that trick Mac users into running MacSync stealer via fake Evernote guides.

CISOs slow-roll agentic AI in defence, even as they brace for more advanced, AI-boosted attacks and rising personal liability risks.

Horizon3.ai appoints defence veteran Dan Bird MBE as EMEA field CTO to sharpen offensive security amid rising regional cyber threats.

PromptSpy Android malware taps Google's Gemini AI to navigate screens, lock itself in recent apps and thwart users' attempts to remove it.

EY urges tech leaders to pursue AI-fuelled deals, agentic systems and sovereignty-by-design as 2026 competition and security pressures grow.

Cyber attacks on industrial systems in 2025 shifted from quiet spying to coordinated operations aiming to disrupt critical infrastructure.

Data-only extortion soars 11-fold as attackers 'log in instead of break in', abusing remote access tools for faster, stealthier raids.

Arctic Wolf says attackers are actively exploiting a critical BeyondTrust vulnerability in self-hosted remote access systems.

AI-fuelled ransomware hit record levels in 2025, with BlackFog warning that around 86% of attacks worldwide are never publicly disclosed.

Okta warns North Korean operatives are landing remote tech jobs with stolen and synthetic identities to fund the regime and enable cyber attacks.

BADIIS malware is hijacking over 1,800 IIS servers worldwide, quietly boosting illicit gambling and crypto phishing sites via poisoned SEO.

A newly uncovered SSHStalker botnet uses old-school IRC and legacy Linux exploits to hijack outdated corporate and cloud hosts at scale.

Google flags surging attempts to steal AI models as state-backed hackers weaponise Gemini for phishing, intel gathering and malware support.

While most slept through Christmas dawn, SonicSentry analysts foiled a 3am brute-force cyber attack on a French client's firewall.