Enterprise Security Tech

The phishing-as-a-service operation uses Microsoft device codes, stolen authentication tokens and AI-generated business email compromise messages to help attackers bypass traditional account defenses. A newly analyzed phishing platform known as Kali365 is giving cybercriminals an unusually complete toolkit for compromising Microsoft 365 accounts and converting stolen access into financial fraud. Huntress researchers uncovered the operation after detecting a spike in device co

Hackers accessed a significant amount of personal data belonging to University of Nottingham students and alumni, potentially including financial records, National Insurance numbers and protected characteristics. The university detected unauthorized activity in its Campus Solutions student records system on Tuesday and took affected systems offline. It has contacted impacted individuals and reported the incident to Action Fraud, the Information Commissioner’s Office and other

A newly disclosed Windows zero-day dubbed RoguePlanet abuses Microsoft Defender’s own quarantine process to give an ordinary user the highest level of control over a Windows 11 machine. Cyderes researchers said they reproduced the local privilege escalation exploit on a fully patched Windows 11 Pro system. The attack requires no administrator rights, kernel vulnerability or memory corruption. Instead, it chains together legitimate Windows features, including Defender scans, N

Anthropic has released Claude Fable 5, a new artificial intelligence model that brings much of its restricted Mythos technology to the public while attempting to block its most dangerous capabilities. Fable 5 generally allows users to access Mythos-class reasoning for complex tasks. When Anthropic’s systems detect requests involving high-risk areas, such as biological weapons or software exploitation, the query will instead be handled by the older Claude Opus 4.8 model. “We w

ServiceNow has disclosed a security incident involving a vulnerability that allowed unauthenticated users to access information inside some customer instances. The enterprise software provider said it detected anomalous activity connected to the flaw and found evidence that attackers successfully queried instance tables belonging to a subset of customers. ServiceNow privately notified the affected organizations and deployed a security update to hosted environments on June 5,

A newly disclosed denial-of-service attack is raising concerns across the cybersecurity community after researchers demonstrated how a single machine can overwhelm enterprise web servers and consume tens of gigabytes of memory within seconds. The attack, dubbed HTTP/2 Bomb, targets implementations of the HTTP/2 protocol used by some of the world's most widely deployed web infrastructure platforms, including NGINX, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare's Pin