Threat intelligence stories

Survey finds 77% of security professionals want AI tools in security operations kept under human oversight, as 88% adopt guardrails.

Proofpoint says mailbox rule abuse is becoming a routine Microsoft 365 takeover tactic, helping attackers hide alerts, hijack threads and drive fraud.

Appdome widens its IDAnchor platform with server-side Risk Intelligence APIs, giving fraud teams verified mobile signals, threat history and AI-ready scores.

Splashtop bets on AI-assisted patching and security alerts in a single console as it targets lean IT teams and MSPs with a new endpoint platform.

VIPRE expands into student cyber safety with age-based lessons on phishing, AI impersonation and online abuse for schools and partners.

Sonatype flags 21,764 malicious open-source packages in Q1 2026, with npm hit hardest as attackers used trusted workflows to steal secrets.

Splashtop unveils AI-assisted endpoint platform for IT teams, blending patching, remote support and security alerts in one console.

Enterprises urged to overhaul cyber defences as Anthropic's upcoming Mythos model raises fears of faster phishing, deepfakes and automated attacks.

Forrester warns Anthropic's Project Glasswing could overwhelm vulnerability management, as AI uncovers flaws faster than patching teams can respond.

Doppel secures three ISO certifications for AI governance, security and privacy, as enterprise buyers demand stronger assurance against AI-driven cyber threats.

Researchers link Android banking trojan to Cambodia scam compound, exposing a malware-for-hire network impersonating banks and agencies across 21 countries.

Cambodia scam compounds are being tied to a mobile banking fraud network that hit users in 21 countries, researchers say.

Treasury extends free cyber threat intelligence to eligible US crypto firms after a spate of costly hacks exposed rising operational risks.

OPSWAT adds millisecond AI file screening to MetaDefender, aiming to cut false positives and speed decisions in critical infrastructure networks.

UK SOC spots Monday-morning conditional access failure from Germany, helps reset compromised Microsoft 365 account before attackers can strike.

iProov warns iOS injection attacks surged 1,151% in late 2025 as generative AI fuels deepfake impersonation and identity fraud.

Microsoft warns that 10 to 15 EvilToken phishing runs are launched daily, compromising hundreds of organisations through OAuth token abuse.

Qualys says attackers are exploiting flaws before disclosure as remediation backlogs swell, with edge devices facing the highest risk.

TrendAI urges stronger AI governance as it shifts cybersecurity from fear-based selling to platformised risk reduction for Australian firms.

Microsoft says Storm-1175 is exploiting newly disclosed flaws within hours, hitting organisations in the UK and elsewhere with fast-moving Medusa ransomware.