Google researchers said Chinese attackers have been exploiting a zero-day since mid-2024, and they’ve moved on to a more advanced version of Brickstorm malware called Grimbolt.
Palo Alto Network’s incident response firm said identity-based attacks are exploding as poor security controls stretch across a widening mosaic of integrated tools and systems.
Wind turbines are seen on a wind farm on a field between agricultural produce in a countryside in a village near Radom, Poland on May 19, 2025. (Photo by Dominika Zarzycka/NurPhoto)
The Cybersecurity and Infrastructure Security Agency said the attack highlighted threats from vulnerable edge devices to operational technology and industrial control systems.
Members of the Peoples Liberation Army band leave after the closing session of the Chinese People’s Political Consultative Conference, or CPPCC, at the Great Hall of the People on March 10, 2025 in Beijing. (Photo by Kevin Frayer/Getty Images)
The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike.
A threat actor is seeding the internet with AI browser extensions that can intercept a user’s authenticated session tokens and hijack accounts. (Photo by VCG/VCG via Getty Images)
OpenAI and Anthropic said they turned over their models to government researchers, who found an array of previously undiscovered vulnerabilities and attack techniques. (Image via Getty)
The voluntary framework would provide legal clarity to third-party AI researchers, including those who study safety and other “unexpected” AI behaviors.
