top of page


Enterprise Security Tech
A cybersecurity resource for CxOs
Search


KDDI Cyberattack Exposes 12 Million Email Addresses and 7.6 Million Passwords in Japan ISP Breach
A cyberattack on an email platform operated by Japanese telecom giant KDDI exposed more than 12.2 million customer email addresses and 7.6 million passwords, marking one of the larger recent credential exposure incidents tied to shared internet service provider infrastructure in Japan. KDDI said the breach affected an email system it runs for five Japanese internet service providers. The platform supports customer email account management, webmail access and email storage. Th
2 days ago


China-Linked Hackers Target University Physics Departments in Roundcube Espionage Campaign
A previously unknown espionage group believed to be operating on behalf of China is targeting physics and engineering departments at universities in the United States and Canada, with a particular focus on research tied to national security, astrophysics, and particle physics. Security researchers at Proofpoint are tracking the activity as UNK_MassTraction. The group is exploiting a chain of vulnerabilities in Roundcube, a widely used open-source webmail platform, to steal cr
2 days ago


CrySome RAT Campaign Turns a Fake Freight Document Into a Full Remote Access Breach
A logistics-themed phishing campaign recently pushed the CrySome remote access trojan through a multi-stage Windows infection chain, showing how attackers are blending believable business lures, native system tools, open-source security-disabling utilities, and modular malware to gain persistent control of victim machines. Researchers with LevelBlue’s SpiderLabs said the incident began with a targeted spear-phishing email disguised as a freight rate confirmation. The message
3 days ago


AI Agent Carries Out Ransomware Attack in Possible Cybercrime First
A ransomware operation tracked as JadePuffer may be one of the clearest signs yet that autonomous AI agents are moving from theory into real-world cybercrime. According to cloud security firm Sysdig, JadePuffer used a large language model agent to conduct much of the ransomware attack chain on its own, including reconnaissance, credential theft, lateral movement, persistence, privilege escalation, and data encryption. The most important part was not that the attack used new t
3 days ago


Russian Hackers Bypass Signal and WhatsApp Encryption by Targeting Backup Keys
Russian military-linked hackers are intensifying phishing campaigns against Signal and WhatsApp users, not by breaking encryption, but by convincing targets to hand over account recovery details that can unlock private messages and group chats. A new alert from the FBI and the U.S. Cybersecurity and Infrastructure Security Agency warns that Russian intelligence services are posing as automated support bots for commercial messaging apps. The campaigns are aimed at high-value t
Jun 29
bottom of page