Researchers have uncovered a massive breach of Fortinet firewalls that has given Russian-speaking attackers near-unrestricted ...

A new phishing campaign is targeting banks and other high-value organizations with Phantom Stealer, a commercially available infostealer that runs in memory to avoid traditional detection, according ...

A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing ...

One of the world’s most active ransomware groups exploited a critical vulnerability in Oracle’s PeopleSoft software suite and ...

AI paid compared to those with little or none, per the IBM Cost of a Data Breach Report 2025. The same IBM 2025 research found that 13% of organizations had already suffered a breach of an AI model or ...

The Weaviate incident in 2025 illustrated this clearly. A researcher discovered an exposed OpenAI API key in a public ...

Modern infostealers don't just steal passwords—they harvest the digital identities and context that enable attackers to blend ...

A coding error in several Microsoft 365 Android apps could have allowed a malicious app on the same device to silently obtain account tokens and act as the signed-in user, according to new research ...

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

Just last month, the most important metric in Silicon Valley was tokens burned—the units of measurement for the computing power being used by AI models. CEOs were giving employees the Matthew ...

AI is turning out to be more expensive than enterprises expected, and CFOs are now trading future headcount for tokens. Roughly 95% of enterprise AI still runs on the priciest frontier models even for ...