Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When… Read More »The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that’s designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a… Read More »OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as… Read More »Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm,… Read More »Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is… Read More »Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
New research from Broadcom’s Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies’ networks, including banks, airports, non-profit,… Read More »Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
New research from Broadcom’s Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies’ networks, including banks, airports, non-profit,… Read More »Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants.… Read More »China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of… Read More »Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and… Read More »Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer