Cybersecurity

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity 

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity 

Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity (C2PA) standard out of the box to verify the origin and history of digital content.
To that end, support for C2PA’s Content Credentials has been added to Pixel Camera and Google Photos apps for Android. The move, Google said, is designed to further digital media

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence 

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence 

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called “gross cybersecurity negligence” that enabled ransomware attacks on U.S. critical infrastructure, including against healthcare networks.
“Without timely action, Microsoft’s culture of negligent cybersecurity, combined with its de facto monopolization of the

SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers 

SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers 

Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access.
Cybersecurity firm Rapid7 said it observed a spike in intrusions involving SonicWall appliances over the past month, particularly following reports about renewed Akira ransomware activity since late July 2025.
SonicWall subsequently revealed the SSL VPN activity aimed at its

Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts 

Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts 

Cybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions using malicious ads and fake websites to steal sensitive data.
The malvertising campaign, per Bitdefender, is designed to push fake “Meta Verified” browser extensions named SocialMetrics Pro that claim to unlock the blue check badge for Facebook and Instagram profiles. At least 37 malicious ads

Cracking the Boardroom Code: Helping CISOs Speak the Language of Business 

Cracking the Boardroom Code: Helping CISOs Speak the Language of Business 

CISOs know their field. They understand the threat landscape. They understand how to build a strong and cost-effective security stack. They understand how to staff out their organization. They understand the intricacies of compliance. They understand what it takes to reduce risk. Yet one question comes up again and again in our conversations with these security leaders: how do I make the impact

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto 

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto 

Cybersecurity researchers have disclosed details of a new campaign that leverages ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management (RMM) software, to deliver a fleshless loader that drops a remote access trojan (RAT) called AsyncRAT to steal sensitive data from compromised hosts.
“The attacker used ScreenConnect to gain remote access, then executed a layered VBScript and

Smashing Security podcast #434: Whopper Hackers, and AI Whoppers 

Smashing Security podcast #434: Whopper Hackers, and AI Whoppers 

Ever wondered what would happen if Burger King left the keys to the kingdom lying around for anyone to use? Ethical hackers did – and uncovered drive-thru recordings, hard-coded passwords, and even the power to open a Whopper outlet on the moon.

Meanwhile, over in Silicon Valley, one AI wunderkind managed to turn a $7 million payday into a career-ending lawsuit by allegedly walking trade secrets straight out the door as he jumped ship for a rival.

All this and much more is discussed in episode 434 of the award-winning “Smashing Security” podcast with computer security veteran Graham Cluley, joined this week by special guest Lianne Potter.

Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems 

Chinese APT Deploys EggStreme Fileless Malware to Breach Philippine Military Systems 

An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme.
“This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads,” Bitdefender

CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems 

CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems 

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.
According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.
CHILLYHELL is the name assigned to a malware

NEW CUSTOMERS CALL TODAY: 720.221.6804  |  EXISTING CUSTOMERS REQUIRING SUPPORT: 303.617.6442

X