Artificial Intelligence | Breaking Cybersecurity News | The Hacker News

Many of the day-to-day digital operations of businesses, governments, and critical infrastructure have one thing in common: Microsoft. From the Microsoft Windows operating systems powering endpoints and servers, to Azure's rapidly growing cloud services, Microsoft's products are everywhere, making the company and its products attractive targets for threat actors seeking to exploit vulnerabilities at scale.  With more than 1.4 billion Windows users around the globe and the adoption of platforms like Microsoft 365, Active Directory, and Azure surging, a single exploitable vulnerability in a Microsoft product can open the door to privilege escalation, lateral movement, or ransomware deployments that impact tens of thousands of interconnected systems. Whether nation state or financially motivated, modern cyber-crime syndicates will consistently take the path of least resistance, and vulnerable assets are a reliable attack vector. For twelve years, the Microsoft Vulnerabilities Repor...

I have been a Star Wars fan since the moment I took my seat in the theatre and saw Princess Leia's rebel ship trying to outrun an Imperial Star Destroyer. It's impossible to see that movie (or its greatest successor, Andor ) and not take the side of the underdog rebels, who are determined to escape the iron fist of imperial control. Of course, in my work as a security professional, "control" is the name of the game. I've spent as much of my career trying to stop my own end-users from going outside the lines as I have trying to guard against malicious outsiders. I personally still think I'm the good guy, since my ultimate goal is to protect sensitive data, but I understand why IT and security teams are often seen as the bad guys. After all, we do operate according to something called the "rule of no." It's not great branding, and increasingly, it just isn't working. Here's the situation in 2025: we have a galaxy's worth of diverse applications, devices, and user identities accessing...

The surge in DDoS attack traffic this year has been driven in part by the rapid expansion of IoT devices - from smart watches and home appliances to cars, hundreds of millions of new devices are joining the global internet. Many of these new devices feature poor security and are easily added to attacker's pool of botnets.  It is true that the DDoS threat grows alongside internet expansion. But the relationship isn't linear. The true catalyst behind this surge lies in the mass availability of botnet-for-hire platforms and low-barrier attack tools. Meanwhile, the number of high-value targets – such as financial institutions, governments, and critical infrastructure – remains relatively fixed. The result is a growing imbalance, in which more attackers are armed with more tools - targeting the same essential services with increasing frequency and complexity. How AI Makes DDoS More Dangerous  AI and machine learning are impacting the evolution of DDoS strategies and tactics. T...

Businesses are firmly in attackers' crosshairs. Financially motivated cybercriminals conduct ransomware attacks with record-breaking ransoms being paid by companies seeking to avoid business interruption. Others, including nation-state hackers, infiltrate companies to steal intellectual property and trade secrets to gain commercial advantage over competitors. Further, we regularly see critical infrastructure being targeted by nation-state cyberattacks designed to act as sleeper cells that can be activated in times of heightened tension. Companies are on the back foot. Leaders must be confident in their cyber posture: Are defenses up to the job of keeping attacks at bay? Does the leadership team have a complete understanding of the threats and risks the company faces? How can CEOs seize the initiative to get ahead of threats? Adoption of zero trust architectures to improve cyber defense Businesses that don't embrace true zero trust will find themselves increasingly vulnerable to br...

Security and compliance professionals are no strangers to complexity. From staying ahead of ever-evolving threat landscapes to navigating an expanding web of regulatory requirements, the day-to-day demands often feel like a game of whack-a-mole. Enter AI copilots—powerful tools that, when used thoughtfully, can dramatically streamline operations and supercharge your security and compliance programs. While much of the hype around AI focuses on futuristic capabilities, the real magic today lies in using these tools to augment existing workflows. Think of copilots not as replacements for security teams, but as force multipliers—always-on assistants that help reduce toil, improve consistency, and enable teams to focus on higher-value initiatives. AI Copilots in Action: Security & Compliance Use Cases AI copilots are no longer just experimental toys. Here are a few ways forward-thinking security teams are using generative AI tools—like OpenAI's custom GPTs and Google's Gemini Gems...

It's been reported that a new, generative AI worm dubbed "Morris II" has emerged. And for many, this new, generative AI worm is an understandable reason to panic.  Pushing back against hysteria, however, we discover that Morris II only targets AI apps and AI-enabled email assistants. No attack is a good one, but at least this one's very specific. More importantly, the recognition that just as AI is helping to accelerate and automate attacks, it will also drastically improve security efficacy.  While AI threatens to overwhelm reactive security teams with the pace and sophistication of its onslaught, it can likewise enable proactive prevention through predictive processes and controls. This is critical to giving security teams the chance to withstand the barrage that awaits them. Scaling alongside AI-enabled attacks There are two proactive efforts that scale well when accelerated attacks become the norm. Neither of these efforts need to be AI-powered to be effective against...

Shadow AI is presenting new challenges for security leaders. While AI tools have already revolutionized how we work, they've also created unprecedented security challenges that our traditional strategies or tools simply weren't designed to handle. I've spent the last decade working with organizations grappling with emerging tech risks, and I can tell you that this is different. In this post, we'll talk about why, and more importantly, what you can do about it. The Hidden Risks of AI Adoption: Shadow AI The Wiz research team recently uncovered a publicly exposed DeepSeek production ClickHouse database , leaking chat history, API secrets, and other sensitive data—raising serious concerns for any organization using DeepSeek's models. Truth is that many teams rushed to try out DeepSeek given the hype around its truly advanced technologies. While the DeepSeek situation has been surrounded by FUD, drama, and misinformation, it has also set important precedents for privacy ...

From the moment it hits the wire—be it MISP or Mandiant—the value and efficacy of cyber threat intelligence (CTI) begins to decay for the organizations that intend to consume it. The data that was once essential for evaluating and reducing risk becomes dated and less helpful as adversaries constantly adapt their tactics, techniques, and procedures (TTPs).  We refer to this as ' threat intelligence decay .' Meanwhile, the NCSC have reported that threat actors have begun leveraging artificial intelligence, with an expectation that they will soon be using AI to evolve and enhance existing TTPs. This advent of AI is exacerbating the challenge of threat intelligence decay. Information that was once a golden nugget of defense can quickly turn into fool's gold, leaving organizations exposed to new threats. When we look at one of the most practical applications that threat intelligence has in an organization—the threat management process—it's frightening how much these problems are co...