Login Subscribe

7secure Coverage

Articles

Search and filter the broader reporting stream across incidents, AI security, policy, and operational coverage.

Malware & Ransomware

Ransomware Group Revives Log4j2 Flaw to Hit Hospitals, Factories, Banks

Ransomware Group Revives Log4j2 Flaw to Hit Hospitals, Factories, Banks

A known ransomware syndicate has resurfaced an old but unpatched Log4j2 vulnerability to launch a multi‑stage attack chain. The group first exploits the logging flaw to gain initial foothold, then runs a credential‑harvesting module that steals domain and service accounts before deploying ransomware to encrypt critical data across

AI Security & Threats

AI‑Driven Credential Stuffing Jumps 70% YoY, Bypassing Rate Limits

AI‑Driven Credential Stuffing Jumps 70% YoY, Bypassing Rate Limits

Palo Alto Networks’ Unit 42 reports a 70% year‑over‑year surge in credential‑stuffing campaigns that now leverage generative AI. Attackers feed leaked username‑password pairs into large language models, which then produce highly plausible password variations and guess lists that mimic real user behavior. By crafting these AI‑

Threat Intelligence

State‑Backed Espionage Hijacks EDA Tools, Steals Chip Design Secrets

State‑Backed Espionage Hijacks EDA Tools, Steals Chip Design Secrets

The Cybersecurity and Infrastructure Security Agency (CISA) disclosed a coordinated espionage campaign by a nation‑state actor that infiltrated electronic design automation (EDA) platforms used by major semiconductor manufacturers. By compromising the software supply chain—through malicious updates and credential theft—the group gained unauthorized access to proprietary circuit schematics,

Compliance & Regulation

EU Enforces AI Security Rules: New Compliance Framework Takes Effect

EU Enforces AI Security Rules: New Compliance Framework Takes Effect

The European Commission has officially adopted a sweeping AI security regulation that obliges any high‑risk artificial intelligence system offered in the EU to implement defined security controls, provide transparent documentation, and maintain auditable logs of model decisions and data flows. The rulebook builds on GDPR’s data‑protection foundations

Vulnerabilities & Exploits

Critical Windows Kernel Zero‑Day Weaponized Against Banks in NA and EU

Critical Windows Kernel Zero‑Day Weaponized Against Banks in NA and EU

Microsoft’s Security Response Center has disclosed a critical zero‑day vulnerability in the Windows kernel that grants attackers system‑level privileges without any user interaction. The flaw can be triggered remotely and has been confirmed as actively exploited in the wild. Telemetry shows the exploit is being used in

AI Security & Threats

AI‑Powered Phishing Kits Flood Darknet, Evade Traditional Filters

AI‑Powered Phishing Kits Flood Darknet, Evade Traditional Filters

Security teams tracking underground markets have documented a sharp rise in commercially‑available phishing kits that embed large language models. These kits automatically generate highly targeted email copy, tailoring language to specific industries, regional slang, and even individual job titles. By selling the kits on darknet forums, threat actors can