Threat actor landscape: what every CISO must know to stay ahead

Threat actors include Scattered Spider (UNC3944), Black Basta, RansomHub, and NoEscape. TTPs comprise SIM-swapping to bypass multi-factor authentication (MFA), compromise of cloud and SaaS-based ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
The Hacker News

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.
eWeek

OpenAI Steps Up Security as ChatGPT Atlas Faces Ongoing Prompt Injection Threats

The AI firm has rolled out a new security update to Atlas’ browser agent after uncovering a new class of prompt injection ...
Security Boulevard

Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats

The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and ...
heise online

Remote Maintenance ScreenConnect: Critical vulnerability allows code execution

In the remote maintenance software ScreenConnect from Connectwise, attackers can exploit a critical security vulnerability to install their extensions on the server. Updated software is intended to ...
WinBuzzer

OpenAI Deploys Automated ‘Attacker’ to Harden Atlas Browser, Admits Prompt Injection Is ‘Unsolved’

OpenAI has deployed a new automated security testing system for ChatGPT Atlas, but has also conceded that prompt injection ...