China’s Ministry of State Security (MSS) has announced a bounty for information on members of Taiwan’s psychological warfare unit, accusing them of separatist activities and cyber influence campaigns. The move signals an escalation in cross-strait information warfare and a growing overlap between propaganda and cybersecurity operations.
SIM farms expose how weak KYC and SMS OTP let fraud scale. Raids seized SIM boxes and tens of thousands of cards. Here’s how carriers and brands can actually fix it.
AI-targeted cloaking feeds AI agents a different web than humans see. Learn the risks, detection tactics, and governance steps to keep answers trustworthy.
A breakthrough hardware-based technique intercepts TPM communications over the SPI bus to unlock BitLocker volumes protected by TPM + PIN. This article analyses the method and its implications for enterprise encryption strategies.
A phishing vulnerability in vLex’s Vincent.ai exposed lawyers and law firms to AI-driven cyberattacks. Attackers manipulated the legal research tool to embed malicious links into AI-generated responses, creating a new avenue for targeted phishing in the legal sector.
Security researchers revealed that ChatGPT’s Atlas Browser can be manipulated through hidden prompt injections, allowing attackers to hijack AI behavior, leak data, and bypass safeguards. Learn how it works and how to defend against it.
A critical zero-day vulnerability in SonicWall SMA1000 appliances is being actively exploited in targeted attacks. This analysis explains the attack flow, affected environments, and the urgent defensive steps organizations must take to secure their networks.
Rhadamanthys suffered a coordinated disruption as “customers” lost access to panels and servers. With certificate-only logins and Tor sites offline, credential theft pipelines broke. Use the lull to rotate passwords, revoke tokens, scrub loaders, and harden identity before operators relaunch under a new brand.
A malicious MCP server can exfiltrate API keys and sensitive data from applications, exposing how trust in developer frameworks can be abused.
Microsoft’s December 2025 Patch Tuesday delivers critical security updates — 56 vulnerabilities across Windows, Office, Exchange and more including three zero-day flaws. Attackers exploited at least one, making immediate patching vital for enterprise and personal systems alike.