Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

Background Joint analyses across multiple health datasets can increase statistical power and improve the generalisability of ...

Microsoft says Storm-2949 targets Microsoft 365 and Azure environments using MFA abuse, password resets, and cloud data theft ...

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community. On April 28, early adopters will be able to access historical ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified targeting Windows systems. According to research from Securonix, the malware, ...

Why it matters: Automating security tasks reduces human error, speeds up detection, and ensures consistent reporting for vulnerability management, compliance, and proactive threat mitigation. What’s ...

Google's reCAPTCHA is testing a system that requires you to scan a QR code with an Apple or Google-certified phone. Here's ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.3, ...