Security Buzz
Online/Digital
Our mission at Security Buzz is to deliver accurate, timely, and actionable information to help IT professionals and the general public navigate the complex world of cybersecurity. By offering a mix of breaking news, expert insights, and practical resources, we aim to empower our readers to make informed decisions and enhance their cyber defense strategies. Source
Actions
Media Outlet details
| Scope | Trade/B2B, Consumer |
|---|---|
| Language | English |
| Country | United States of America |
|
Similarweb UVM |
Request pricing |
|
Comscore UVM |
Request pricing |
Recent Articles
Search ArticlesMalware Campaign Uses AI Hype to Spread AsyncRAT
A new FortiGuard Labs investigation reveals a malware campaign built entirely around a contradiction. The campaign uses the promise of AI education to deliver an Asynchronous Remote Access Trojan (AsyncRAT)—while also bearing the unmistakable fingerprints of AI assistance in its construction. The victims, searching for guidance on topics like PostgreSQL 18 or agentic coding, download what looks like a helpful technical resource.
OT Security Ratings Fall as Visibility Improves
Industrial organizations may be getting a clearer view of their cybersecurity risk, and the picture is not as reassuring as many previously believed. Fortinet’s 2026 State of Operational Technology and Cybersecurity Report found a sharp drop in the share of organizations rating their operational technology cybersecurity programs at the highest maturity level. In 2025, 49% of respondents rated their programs at Level 4, the most advanced tier. In 2026, that figure fell to 17%.
Inside Databricks' Bet on Agentic Security
The rising prevalence of AI tools in the past few years, and the more recent development of agentic AI, have not only been applied to personal and enterprise purposes, but also significantly shifted the threat landscape. Attackers using tactics and technology powered by AI can now probe cloud, software-as-a-service (SaaS), and AI systems for vulnerabilities at machine speed, enabling them to launch massive volumes of attacks with far less human input than ever before.
NSPM-12 Rewires the Governance of America's Most Sensitive Cyber Networks
For over 35 years, the framework governing the National Security Systems (NSS) of the United States has been governed by National Security Directive (NSD) 42, a policy set by the Bush administration in 1990. This governance model has remained static alongside three decades of adversarial evolution of tactics and technologies. The framework of NSD-42 is ineffective in protecting modern systems against a constantly evolving threat landscape.
How Hacked Devices Are Rewriting the Threat Landscape
The nationally-recognized nonprofit Identity Theft Resource Center recently published its 2026 Trends in Identity Report (TIR), the fifth installment in the annual series exploring the current state of the identity threat landscape. The report outlines the most significant trends and ongoing shifts in identity crime in an effort to offer guidance and information to those seeking advice on or directly impacted by identity theft, fraud, and scams.
Five Eyes Warns Chinese Intelligence Is Using Job Platforms to Recruit Sources
Chinese military intelligence operatives are posing as online recruiters to reach people with sensitive government or military knowledge, according to a joint warning from the Five Eyes intelligence-sharing alliance. The joint advisory from the United States, United Kingdom, Canada, Australia and New Zealand says operatives have posed as recruiters, human resources consultants and representatives of legitimate-looking companies on platforms including LinkedIn, Indeed and Upwork.
Accenture Is Repositioning OT Cybersecurity Around Asset Intelligence
In recent years, with rising geopolitical tensions, nation-state threat actors have been increasingly targeting industrial and critical infrastructure environments. Operational technology (OT) environments have historically been underprotected due to reliance on the assumed safety of air-gapped security measures and the prioritization of operational continuity. A pattern of escalating incidents is now forcing boards and regulators to demand a measurable security posture across physical operations.
How DragonForce Weaponized Microsoft Teams to Outlast Its Own Ransomware
In a recent attack, threat actors compromised a U.S. services firm’s network using malware tactics unseen prior to this incident. The attackers’ initial access was traced to an unidentified vulnerability in either an SQL or MSSQL server. According to analysis of the incident, it is possible that the network access was purchased outright from a criminal access broker, enabling the attack.
Fake Banks and Phantom Agencies Draining Billions from U.S. Bank Accounts
New Federal Trade Commission (FTC) data shows how imposter scams have become the most reported form of fraud in the U.S. Financial losses nearly tripled from 2020 to 2025, and last year, Americans lost $3.5 billion to people pretending to be someone they trusted. These included threat actors impersonating bank fraud departments, IRS agents, and familiar faces on social media platforms. The agency findings reveal something more unsettling than the rising number: a shift in where con artists hunt.
Rokarolla Malware Can Block Alerts and Manipulate Android Banking Sessions
Zimperium researchers have identified an Android banking trojan that targets 217 banking and cryptocurrency apps and can help attackers manipulate infected phones during fraud attempts. The malware, called Rokarolla, is distributed through malicious websites that present it as popular apps, including TikTok and Google Chrome.