McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is available to anyone, without requiring a McAfee or ChatGPT subscription. It combines conversational AI with McAfee’s cybersecurity intelligence to help users evaluate potentially dangerous content such as messages, emails,…
Author: admin
AI, Compliance, Endpoint, Global Security News
When ransomware hits, confidence doesn’t restore endpoints
Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security. How CISOs currently ensure endpoint resilience against ransomware (overall, %) (Source: Absolute Security) A survey of 750 CISOs from enterprise organizations with more than 5,000…
AI, Cybersecurity, Global Security News
Former CISA nominee Sean Plankey named US CEO of defense startup
Sean Plankey, most recently the nominee for director of the Cybersecurity and Infrastructure Security Agency, is joining defense technology company UFORCE as its U.S. chief executive officer. The London-based company created out of nine Ukrainian-based firms announced Plankey’s move Monday less than a month after he withdrew his nomination amid difficulties overcoming objections from senators…
AI, Global Security News
Weekly Update 504
It’s a hot topic, the old “pay or don’t pay” for hackers not to leak your data. Since recording this a few days ago, we’ve had Grafana go with the “no pay” approach, and I’ve seen a raft of commentary around other companies reaching “agreements”, which is a much politer way of saying “we paid…
Global Security News
Apple Is Making Hit Products and High Profits From Imperfect Chips
The company’s popular, $599 Neo laptop is just one of dozens of Apple devices that use lower-performing processors.
AI, Global Security News
Agentic Governance: Why It Matters Now
AI agents now act inside the trust boundary with real credentials, and agentic governance is what keeps them from quietly breaking things at machine speed.
AI, Global Security News
WantToCry ransomware remotely encrypts files
Brute-force attempts against SMB services can be early signs of an attack Categories: Threat Research Tags: Ransomware, WantToCry, SMB
AI, Cybersecurity, Exploits, Global Security News
New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed “MiniPlasma” that lets attackers gain SYSTEM privileges on fully patched Windows systems. […]
Global Security News
Closing the Gap: The Regulatory and Structural Maturation of Digital Assets
Digital assets are reshaping global finance as institutions adopt regulated crypto infrastructure, stablecoins, and tokenized assets.
AI, APAC, Global Security News
Debian 13.5 point release lands with security fixes, bug patches
Debian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more than 130 source packages, covering everything from the Linux kernel and Apache HTTP Server to OpenSSH, sudo, systemd, OpenSSL, glibc, and FreeRDP. Fresh installer images carrying the same fixes will…
Global Security News
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. […]
AI, Exploits, Global Security News, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter JDownloader site hacked to replace installers with Python RAT malware New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment Operation…
AI, Global Security News
Who Owns the Future of AI?
Plus, what to look for in a used EV, Anthropic’s AI lead, the Cerebras IPO, the OpenAI lottery tickets and the most AI-proof jobs in tech.
AI, APAC, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores Pwn2Own Berlin 2026, Day Three: DEVCORE…
AI, Endpoint, Exploits, Global Security News, malware
Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores
Attackers are exploiting a critical flaw in the WordPress Funnel Builder plugin to inject skimming code into WooCommerce checkout pages. A critical vulnerability in the WordPress Funnel Builder plugin is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages, according to Sansec researchers. Funnel Builder by FunnelKit is a checkout and upsell plugin…
AI, Exploits, Global Security News
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow in ngx_http_rewrite_module affecting NGINX versions 0.6.27 through 1.30.0. According to AI-native security company depthfirst, the
AI, Global Security News
Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases
Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases.
Global Security News
Grafana Says It Rejected Ransom Demand After Source Code Theft
Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected.
AI, Global Security News
How Amazon Went From an AI Also-Ran to a Real Contender
The pieces are coming together for AWS’s AI strategy, thanks to $200 billion in spending, custom chips and savvy deals.
AI, Cybersecurity, Exploits, Global Security News, Network Security
Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to cloud resources, mobile devices, the Internet…
AI, Global Security News
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company’s GitHub environment and download its codebase. “Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations,” Grafana…
Global Security News
AI Chip Mania Sows Seeds of Its Own Destruction
Investors already factor in cyclicality in the chip industry. The bad news is that they’ve frequently gotten their assessments wrong.
AI, Exploits, Global Security News
Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total
Pwn2Own Berlin 2026 ended with 47 zero-days and $1.29M in payouts, as DEVCORE dominated the competition across all categories. Pwn2Own Berlin 2026 ended after three intense days, with participants discovering 47 unique zero-days, and earning $1,298,250 in total payouts. Pwn2Own Berlin 2026 wrapped up at OffensiveCon on Saturday with a final day that sealed DEVCORE’s…
AI, Global Security News
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that “no product changes were made,” despite the researcher documenting a silent fix. […]
AI, china, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-42897 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that threat actors are…
AI, Cybersecurity, Data Breaches, Endpoint, Europe, Global Security News, Government & Policy, malware, Network Security, Russia
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
AI, Exploits, Global Security News
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. Details of the activity were published by Sansec this week. The vulnerability currently does not have an official CVE identifier.…
Global Security News, Russia
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persistence, stealth, and data collection. […]
Global Security News
How World’s Fairs Gave Americans a Glimpse of the Future
Among the groundbreaking innovations unveiled at U.S.-hosted exhibitions were the telephone, Ferris wheel and electric lighting.
AI, Global Security News, Risk Management
AI Voice Cloning: The Technology Behind It, Who’s Building It, and Where It’s Headed
Explore AI voice cloning technology, leading companies, real-world uses, ethical risks, and future trends shaping synthetic voices.
AI, Apps, Data Breaches, Global Security News, malware, Risk Management
OpenAI hit by supply chain attack linked to malicious TanStack packages
OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source code repositories. The incident began after the TeamPCP hacking group abused weaknesses in the package publishing process…
AI, Global Security News
Critical ‘Claw Chain’ Vulnerabilities Put Thousands of OpenClaw AI Servers at Risk
Critical Claw Chain vulnerabilities in OpenClaw expose thousands of AI servers to data theft, backdoors, and admin-level attacks globally this week. .
AI, Global Security News
The Messy Courtroom Drama Over AI’s Biggest Breakup
The legal showdown between Elon Musk and OpenAI exposed the personal and financial fault lines beneath Silicon Valley’s defining boom.
Global Security News
The JPMorgan Sexual-Assault Lawsuit Was Already Messy. AI Is Making It Worse.
First came the scandal. Then came the deepfakes.
AI, Cybersecurity, Data Breaches, Global Security News
Colorado governor commutes prison sentence for election denier Tina Peters
Colorado Governor Jared Polis has commuted the prison sentence of Tina Peters, the former Mesa County election clerk who was sentenced last year to serve nine years in state prison for carrying out one of the most serious election-related data breaches in U.S. history. Peters was arrested in 2021, accused of abusing her position as…
AI, Exploits, Global Security News, Risk Management
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K
Day two of Pwn2Own Berlin 2026 saw $385,750 earned for 15 zero-days, bringing the total to $908,750 and 39 vulnerabilities over two days. During the second day of Pwn2Own Berlin 2026, security researchers earned $385,750 after successfully demonstrating 15 unique zero-day vulnerabilities affecting products such as Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux…
AI, Apps, Global Security News, malware, Network Security, Russia
Expired domain leads to supply chain attack on node-ipc npm package
A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root cause of the compromise was an expired domain name that attackers managed to register in order to hijack a maintainer’s account. The node-ipc package has had malware added to its code in the past.…
AI, Cybersecurity, Global Security News
The Next Cybersecurity Challenge May Be Verifying AI Agents
AI agents are reshaping cybersecurity. Learn why verification, trusted identity standards, and runtime controls are now essential.
AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management
Exchange Server zero-day vulnerability can be triggered by opening a malicious email
A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s already being exploited in the wild, this isn’t a ‘patch next week situation; it’s a ‘mitigate right now’ emergency,” warned Rob Enderle of the Enderle Group.…
AI, Compliance, Exploits, Global Security News, privacy, Risk Management
Here’s how the FTC plans to enforce the Take It Down Act
The Federal Trade Commission is set to begin enforcing a key provision of the Take Down Act on May 19, requiring websites and online services to remove nonconsensual deepfake media within 48 hours after a victim’s notice—or risk fines and FTC investigation. The law, passed by Congress last year, allowed law enforcement to immediately prosecute…
Global Security News
SpaceX Is Aiming to Go Public on June 12 in What Stands to Be Biggest IPO Ever
Elon Musk’s rocket company is expected to make its IPO paperwork public next week.
Exploits, Global Security News
Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. […]
AI, APAC, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management
For May, Patch Tuesday means 139 updates — but no zero-days
Microsoft this week released 139 updates affecting Windows, Office, .NET, and SQL Server (though there were no updates for Microsoft Exchange Server). Despite the absence of zero-days, the May Patch Tuesday update still requires Patch Now recommendations for Windows and Office. The combination of three unauthenticated network RCEs (Netlogon, DNS Client, and SSO Plugin for…
AI, Compliance, Global Security News, Risk Management
Workday: AI is Faster, but Making Work Busier
Workday recently released new research that found that while employees are using AI in their work, the technology’s impact is limited, as it has made them busier. Workers report more time connecting systems as AI adoption expands According to the report, titled “The Copy/Paste Economy: Why Task-Oriented AI is Failing the Enterprise,” 8 in 10…
AI, Cybersecurity, Global Security News
Optiv Refines Partner Program as AI Reshapes Cybersecurity
John Hurley, chief revenue officer at Optiv, said the company’s OptivOne partner program was designed to bring more transparency, predictability, and defined rules of engagement to a cybersecurity ecosystem he described as “hyper competitive.” “This marketplace that we deal with today is very competitive, like hyper competitive,” Hurley told Channel Insider. “When you partner with…
Exploits, Global Security News
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations. […]
AI, Apps, Compliance, Data Breaches, Data Security, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management
The AWS AI Security Framework: Securing AI with the right controls, at the right layers, at the right phases
TL;DR for busy executives The AWS AI Security Framework helps security leaders move fast and stay secure with AI. Security compounds from day 1 as workloads evolve from prototype to production to scale. Assess first. Request a no-cost SHIP engagement to baseline your posture and build a prioritized roadmap. Phase 1 – Foundational (zero to…
AI, Global Security News, malware
Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. […]
Cybersecurity, Global Security News, Russia
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB)
Global Security News, malware
Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads.
AI, Apps, Global Security News
Here’s one career emerging from the AI shift: ‘forward-deployed engineers’
On Thursday, Google Cloud CEO Thomas Kurian issued a call for “forward-deployed engineers” to apply for jobs in the company’s go-to-market AI team. Their task: help non-tech organizations scale up their AI deployments. That term — forward-deployed engineers, FDE for short — has been coming up a lot lately in conversations with CTOs, software engineers,…
AI, APAC, Global Security News, Government & Policy
Why Apple needs Intel — and America needs them both
If you think about it, it’s in the national interest for Apple to work with Intel to develop at least some capacity for silicon production outside of Taiwan. It’s also in Apple’s interest, as its continued growth means it needs more and more chips to put inside an ever-expanding product catalog. During Apple’s Q2 26 fiscal call, CEO Tim Cook…
Global Security News
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. […]
Global Security News
What Will Travel Look Like in 20 Years?
Plus, how tech giants are pushing to build data centers in space and why people are whispering at work.
AI, Global Security News
Anthropic Raising $30 Billion More as AI Labs Absorb Majority of VC Funding
The AI front-runner could raise even more as a tiny number of companies get an unprecedented share of investment this year.
Global Security News
Microsoft Edge to stop loading cleartext passwords in memory on startup
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup. […]
Global Security News
Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research
Global Security News
Request for Comments: PCI Secure Software Lifecycle Standard v2.0
From 15 May to 15 June, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft PCI Secure Software Lifecycle Standard v2.0 during a 30-day request for comments (RFC) period.
AI, Cybersecurity, Exploits, Global Security News, Network Security
Cisco zero-day under ongoing attack by persistent threat group
Attackers returned once again to a common target with a massive user base by exploiting a max-severity zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager. The threat group behind the “limited” number of attacks Cisco is aware of thus far are also linked to a series of previously disclosed vulnerabilities in the vendor’s firewalls…
AI, Exploits, Global Security News, malware, Network Security, Risk Management
CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Can Grant Admin Access
A vulnerability affecting Cisco Catalyst SD-WAN Controller has drawn urgent attention after Cisco, Rapid7, and CISA confirmed active exploitation. CVE-2026-20182 is a critical authentication bypass flaw in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager that carries a CVSS 10.0 score and can let an unauthenticated remote attacker gain administrative privileges on an affected…
AI, china, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). The vulnerability is an improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
7AI Uncovers Browser Extension Campaign Evading EDR Defenses
A browser-extension campaign is bypassing traditional EDR defenses by injecting remote JavaScript payloads directly into authenticated browser sessions. Researchers at 7AI uncovered the operation, dubbed CRXfiltrate, after observing suspicious outbound traffic originating from a seemingly harmless Chrome color-picker extension. According to the researchers, the campaign remained active across enterprise environments and delivered operator-controlled payloads without…
AI, Global Security News
Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around session theft and operational scalability. […]
AI, Exploits, Global Security News
CVE-2026-42897: Exchange Server OWA Spoofing Flaw Exploited via Crafted Email
Microsoft has disclosed a vulnerability impacting on-premise versions of Exchange Server that is already seeing active exploitation in the wild. Tracked as CVE-2026-42897, the issue carries a CVSS score of 8.1 and affects Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition, while Exchange Online is not impacted. Microsoft describes it as a…
Global Security News
Australian Defense-Tech Startup to Expand in U.S. After Latest Fund Raise
Arkeus will use the new funds to set up a U.S. manufacturing facility and develop new capabilities.
AI, Cybersecurity, Global Security News
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit an attacker to establish a foothold, expose sensitive data, and plant backdoors. A brief description of the flaws is below –
AI, Compliance, Global Security News
Lemongrass CTO: SAP Customers Want AI Now, Not Later
Lemongrass CTO Eamonn O’Neill says SAP partners face a changing customer mandate: deliver AI value now, govern emerging agentic tools, and use automation to make transformation work faster, cheaper, and more scalable. SAP customers want AI before the transformation cycle ends SAP customers are no longer willing to wait years for AI value to arrive…
AI, APAC, Cybersecurity, Europe, Global Security News, Government & Policy
Microsoft business software faces UK antitrust probe over bundling, AI lock-in
The UK’s competition regulator has launched a broad antitrust investigation into Microsoft’s business software ecosystem, opening a new front in growing regulatory scrutiny of how cloud platforms, productivity software, and embedded AI capabilities may affect competition in enterprise technology markets. UK’s Competition and Markets Authority (CMA) said in a statement that it had opened a…
Apps, Global Security News
Google lets Workspace admins apply one policy across all SAML apps
Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on (SSO) with Google Workspace credentials. Google says this update introduces a default assignment that serves as a…
AI, Exploits, Global Security News
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. About CVE-2026-20182 CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the Cisco Catalyst SD-WAN solution) and Cisco Catalyst SD-WAN Manager (the management plane for the entire…
Global Security News
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition
Global Security News
Microsoft to automatically roll back faulty Windows drivers
Microsoft is introducing a new Windows Update capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Update. […]
AI, Cybersecurity, Exploits, Global Security News, malware, Risk Management
Cybersecurity Insider Survey: AI Is Fueling a New Generation of Threat Actors
Artificial intelligence continues reshaping the cybersecurity landscape, and many security professionals now believe it is also helping create a more capable generation of cybercriminals. We recently surveyed thousands of subscribers to the Cybersecurity Insider newsletter and asked a simple but important question: Is AI creating a new generation of skilled threat actors? Key Takeaways of…
Global Security News
Cyber Pioneers Ponder Past as Prologue
Robert “RSnake” Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for Dark Reading over the past 20 years have stood the test of time.
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Illicit Enterprise: An Anatomy of the Modern Underground Phishing Marketplace
Just as cyber threats have grown more complex and foreboding, the underground phishing marketplace which makes such attacks possible has profoundly evolved. No longer a Craigslist-styled hodgepodge of products and services, marketplace forums have emerged as complete criminal ecosystems that function as not only distribution points for resources, but as labor exchanges to recruit and…
AI, Cybersecurity, Exploits, Global Security News, Network Security
Cisco warns of an actively exploited SD-WAN flaw with max severity
Cisco has disclosed a max-severity authentication bypass vulnerability affecting its Catalyst SD-WAN Controller and Catalyst SD-WAN Manager platforms, warning that the flaw has already been found to be exploited in the wild. The disclosure follows an earlier authentication bypass vulnerability that Cisco patched in February. In the latest advisory, the company said the new flaw…
AI, Apps, Global Security News
Akamai to acquire LayerX for $205 million
Akamai has entered into a definitive agreement to acquire LayerX, a provider of browser-based AI usage control and secure enterprise browser (SEB) technology. LayerX’s solutions will extend Akamai’s protection into the browser, where the majority of enterprise tasks now occur and where today’s workforce engages with generative AI applications, SaaS AI solutions, and AI agents.…
AI, Global Security News
Companies Have a New AI Problem: Too Many Agents
As it gets easier to create artificial-intelligence agents with platforms like Anthropic’s Claude Cowork , some businesses are dealing with ‘AI agent sprawl.’
Global Security News, malware, Risk Management
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
In Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your IT team uses every day are also the preferred…
AI, Global Security News
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. “Upon identification of the malicious activity, we worked quickly to investigate, contain,…
Global Security News
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen iPhones. Activation Lock can remotely disable a stolen iPhone and prevent normal resale, with owners also able to lock individual components. Even with those protections, more than 7.35 million iPhones…
AI, china, Europe, Global Security News, Government & Policy, malware, Network Security, Russia
Ghostwriter group resumes attacks on Ukrainian Government targets
ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in a campaign active since March 2026. ESET researchers published a new report documenting fresh activity attributed to the APT group FrostyNeighbor, aka Ghostwriter, active since at least March 2026, targeting Ukrainian governmental organizations. The campaign is similar to previous FrostyNeighbor’s campaigns. The threat…
Data Breaches, Exploits, Global Security News
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Autonomous systems are finally working. Security is next
Waymo recently crossed a major milestone: Over 170 million autonomous miles driven without a single serious crash or injury. For years, autonomous driving was treated as a promise that was always just out of reach — too complex, too risky and not ready for the real world. That argument is no longer credible. Autonomous systems…
Exploits, Global Security News, Network Security
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises versions of Microsoft Exchange Server: Subscription Edition RTM, 2019, and 2016. Exchange Online is not…
Global Security News
Ackman Says Pershing Square Has Taken New Stake in Microsoft
The investor says the tech company is underpriced, and he will disclose the stake in regulatory filings later Friday.
AI, Exploits, Global Security News
Rocky Linux launches opt-in security repository for urgent fixes
Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The default Rocky Linux experience stays exactly what it has always been: predictable, stable, and fully…
Exploits, Global Security News
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. […]
Global Security News
The Blockbuster Cerebras IPO Is a Huge Bet on Nvidia Fatigue
A startup known for its big chips now has a giant valuation to live up to.
Global Security News
Used EVs Are Now the Most Affordable Cars. Here’s How to Buy a Good One.
With rising oil prices and more used EVs coming off leases, the total cost of ownership equation has flipped.
Global Security News
Live Q&A: Ask Me Your Questions About EVs
Join a real-time, written chat with Christopher Mims from 10 a.m. to 11 a.m. ET on Wednesday, May 20. WSJ subscribers can submit their questions at any time in the comments space below.
AI, APAC, Compliance, Cybersecurity, Europe, Exploits, Global Security News, Network Security, Risk Management
EU’s Cyber Resiliency Act will put IT leaders to the test
Unlike most cyber security regulations, the EU’s Cyber Resilience Act is about product safety rather than processes or certification, extending the CE mark from the physical side of products to software, firmware, backend services, and anything with a network connection. It encodes existing best practices, enforces minimum product support lifecycles, and could mean developing stronger…
AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, privacy, Risk Management, Russia
The economics of ransomware 3.0
The moment every boardroom dreads There is a moment in almost every ransomware negotiation — usually around 36 hours, when legal, IT and the CFO are all in the same room — when someone says it out loud: “Let’s just see what the insurance covers.” That instinct, understandable as it is, has become one of…
Global Security News
Why geopolitical turmoil is a gift for scammers, and how to stay safe
Conflict is a boon for opportunistic fraudsters. Look out for their ploys.
china, Global Security News
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit
AI, Global Security News
Keycard helps developers secure autonomous AI agents with scoped access
Keycard has announced Keycard for Multi-Agent Apps, extending its platform to support delegated, session-based access across systems of autonomous agents. Keycard lets developers build apps where every agent has its own identity, access is scoped to each task and every action is fully attributable across agents, users and systems. “Enterprises are rebuilding business functions around…
AI, Europe, Global Security News, privacy, Risk Management
The trouble with emotion-reading AI
“If you can’t measure it, you can’t fix it.” That’s a common saying in business, and it tends to be true. But what if the thing you want to fix is your employees’ attitudes? The AI revolution makes it possible to measure emotions and mental states. So why not use it widely and fix what’s…
AI, Exploits, Global Security News
Researchers uncover YellowKey and GreenPlasma Windows Zero-Days
Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare-Eclipse, disclosed two new Windows zero-day vulnerabilities named YellowKey and GreenPlasma. The flaws affect BitLocker and the Windows Collaborative Translation Framework (CTFMON). YellowKey could allow attackers to bypass BitLocker protections,…
AI, Europe, Global Security News, malware, Network Security
[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
This is a Guest Diary by Gokul Prema Thangavel, an ISC intern as part of the SANS.edu Bachelor Degree Program. Introduction The SHA-256 a8460f446be540410004b1a8db4083773fa46f7fe76fa84219c93daa1669f8f2 is one of the most-observed Outlaw / Shellbot artifacts on the public internet. VirusTotal first ingested it on 5 July 2018 [2]. It is the SHA-256 of the authorized_keys file written…
AI, Exploits, Global Security News
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting…