BeforeBreach

As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizatio...

New RFP Template for AI Usage Control and AI Governance New RFP guide helps CISOs evaluate AI governance tools, focusing on interaction-level security and vendor accountability.

Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1.
The exploit kit featured five full iOS ex...

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1 Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion.
"The hacktivist threat...

149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict 149 hacktivist attacks hit 110 organizations across 16 countries after Middle East conflict, targeting governments, infrastructure, & telecom sectors.

A joint law enforcement operation has dismantled LeakBase, one of the world's largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools.
The LeakBase forum, per the U.S. Department of...

FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials Authorities dismantled LeakBase, a cybercrime forum with 142,000 members trading stolen credentials and financial data in a global crackdown.

Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law en...

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly 100,000 organizations worldwide

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow.
"The attack chain i...

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine Researchers uncover APT28-linked phishing attacks against Ukrainian targets deploying BadPaw loader and MeowMeow backdoor for remote system control.

Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise ...

Where Multi-Factor Authentication Stops and Credential Abuse Starts Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware...

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.

Some weeks in cybersecurity feel routine. This one doesn’t.
Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, securi...

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More Latest cybersecurity threats, malware campaigns, research findings, and key security developments from this week’s ThreatsDay Bulletin.

Most organizations assume encrypted data is safe.
But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted...

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders Harvest-now-decrypt-later threats push organizations toward hybrid cryptography and ML-KEM as quantum risks grow. Learn strategies in a webinar.