Lifeboat Foundation

The ability to remain installed and undetected makes Perfctl hard to fight.

Google has implemented increasingly sophisticated protections against those who would compromise your Gmail account —but hackers using AI-driven attacks are also evolving. Here’s what you need to know.

Sam Mitrovic, a Microsoft solutions consultant, has issued a warning after almost falling victim to what is described as a “super realistic AI scam call” capable of tricking even the most experienced of users.

It all started a week before Mitrovic realized the sophistication of the attack that was targeting him. “I received a notification to approve a Gmail account recovery attempt,” Mitrovic recounts in a blog post warning other Gmail users of the threat in question. The need to confirm an account recovery, or a password reset, is a notorious phishing attack methodology intended to drive the user to a fake login portal where they need to enter their credentials to report the request as not initiated by them.

(NEXSTAR) — The Internet Archive, a popular digital library known for its Wayback Machine, was hacked and suffered a data breach that reportedly exposed 31 million user accounts.

Founder Brewster Kahle confirmed in a post on the social media platform X that a cyberattack on Tuesday knocked the website offline. He also said that usernames, emails, and encrypted passwords had been compromised.

“Services are currently stopped to upgrade internal systems,” Kahle wrote in a Thursday update. “We are working to restore services as quickly and safely as possible. Sorry for this disruption.”

The hack exposed the data of 31 million users as the embattled Wayback Machine maker scrambles to stay online and contain the fallout of digital—and legal—attacks.

Ivanti warns of active exploitation of three new CSA vulnerabilities, enabling hackers to bypass security measures.

Gamers searching for game cheats are falling victim to a global malware campaign delivering RedLine Stealer.

GoldenJackal cyber threat targets air-gapped systems in embassies and governments, using USB-based malware.

New Gorilla botnet launches over 300,000 DDoS attacks globally, exploiting IoT devices and Apache Hadoop flaws.

Organizations are losing between $94 — $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating risks they pose to businesses worldwide.

Drawing on a comprehensive study conducted by the Marsh McLennan Cyber Risk Intelligence Center, the report analyzes over 161,000 unique cybersecurity incidents. The findings demonstrate a concerning trend: the threats posed by vulnerable or insecure APIs and automated abuse by bots are increasingly interconnected and prevalent. Imperva warns that failing to address security risks associated with these threats could lead to substantial financial and reputational damage.