Join a real-time, written chat with Christopher Mims from 10 a.m. to 11 a.m. ET on Wednesday, May 20. WSJ subscribers can submit their questions at any time in the comments space below.
Global Security News
Used EVs Are Now the Most Affordable Cars. Here’s How to Buy a Good One.
With rising oil prices and more used EVs coming off leases, the total cost of ownership equation has flipped.
Global Security News
The Blockbuster Cerebras IPO Is a Huge Bet on Nvidia Fatigue
A startup known for its big chips now has a giant valuation to live up to.
AI, APAC, Compliance, Cybersecurity, Europe, Exploits, Global Security News, Network Security, Risk Management
EU’s Cyber Resiliency Act will put IT leaders to the test
Unlike most cyber security regulations, the EU’s Cyber Resilience Act is about product safety rather than processes or certification, extending the CE mark from the physical side of products to software, firmware, backend services, and anything with a network connection. It encodes existing best practices, enforces minimum product support lifecycles, and could mean developing stronger…
AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, privacy, Risk Management, Russia
The economics of ransomware 3.0
The moment every boardroom dreads There is a moment in almost every ransomware negotiation — usually around 36 hours, when legal, IT and the CFO are all in the same room — when someone says it out loud: “Let’s just see what the insurance covers.” That instinct, understandable as it is, has become one of…
Global Security News
Why geopolitical turmoil is a gift for scammers, and how to stay safe
Conflict is a boon for opportunistic fraudsters. Look out for their ploys.
china, Global Security News
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit
AI, Global Security News
Keycard helps developers secure autonomous AI agents with scoped access
Keycard has announced Keycard for Multi-Agent Apps, extending its platform to support delegated, session-based access across systems of autonomous agents. Keycard lets developers build apps where every agent has its own identity, access is scoped to each task and every action is fully attributable across agents, users and systems. “Enterprises are rebuilding business functions around…
AI, Europe, Global Security News, privacy, Risk Management
The trouble with emotion-reading AI
“If you can’t measure it, you can’t fix it.” That’s a common saying in business, and it tends to be true. But what if the thing you want to fix is your employees’ attitudes? The AI revolution makes it possible to measure emotions and mental states. So why not use it widely and fix what’s…
AI, Exploits, Global Security News
Researchers uncover YellowKey and GreenPlasma Windows Zero-Days
Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare-Eclipse, disclosed two new Windows zero-day vulnerabilities named YellowKey and GreenPlasma. The flaws affect BitLocker and the Windows Collaborative Translation Framework (CTFMON). YellowKey could allow attackers to bypass BitLocker protections,…
AI, Europe, Global Security News, malware, Network Security
[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
This is a Guest Diary by Gokul Prema Thangavel, an ISC intern as part of the SANS.edu Bachelor Degree Program. Introduction The SHA-256 a8460f446be540410004b1a8db4083773fa46f7fe76fa84219c93daa1669f8f2 is one of the most-observed Outlaw / Shellbot artifacts on the public internet. VirusTotal first ingested it on 5 July 2018 [2]. It is the SHA-256 of the authorized_keys file written…
AI, Exploits, Global Security News
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting…
Global Security News
Deepfake detection is losing ground to generative models
Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic? Commercial detectors analyze pixels, frequencies, and biometric signals to answer that question, and the best of them post strong accuracy numbers on standard benchmarks. In deployment, performance drops sharply on…
Cybersecurity, Exploits, Global Security News
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It’s
AI, Cybersecurity, Exploits, Global Security News, Risk Management
Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall
Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Berlin 2026 featured 22 entries targeting widely used technologies, including browsers, operating systems, AI platforms, and NVIDIA infrastructure. By the end of the day, researchers demonstrated 24 unique zero-day vulnerabilities…
AI, Global Security News, Risk Management
Zombie linkages are keeping expired domains trusted for years
Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long after control has changed. Researchers at USC and the University of Twente examined this problem in three widely used systems: Web PKI, Maven Central, and Ethereum Name Service. They use the…
AI, Compliance, Global Security News
The AI oversight paradox: Is the investment worth the cost of watching it?
Unlike in 2025, when AI adoption and testing drove business strategies, organizations in 2026 want proven ROI before committing budgets, according to a report by Globalization Partners. How global executives characterize their organization’s approach to AI adoption (Source: Globalization Partners) 62% of business leaders said they felt pressure from their organizations to use AI, while…
Global Security News
ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Global Security News, Network Security, Risk Management
New infosec products of the week: May 15, 2026
Here’s a look at the most interesting products from the past week Alation, Apricorn, Versa Networks, and TrustCloud. The questionnaire-based TPRM model is broken, and TrustCloud has a fix TrustCloud announced a new version of TrustLens, its third party risk management (TPRM) solution. The new TrustLens agentic AI capabilities focus on delivering four requirements every…
AI, Global Security News
Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems
A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response.
AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management
AI agent finds 18-year-old remote code execution flaw in Nginx
Researchers have found a critical vulnerability in the widely used Nginx web server that can potentially lead to remote code execution under certain conditions. The flaw is a heap buffer overflow that has gone undetected in the program’s code for the past 18 years. Tracked as CVE-2026-42945, the vulnerability is one of 4 bugs found…
AI, Global Security News
TeamPCP hackers advertise Mistral AI code repos for sale
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. […]
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management
The Massive Canvas Cyberattack That Allegedly Ended in a Secret Deal With Hackers
The cyberattacks targeting Instructure’s Canvas learning management system unfolded as at least two distinct but likely connected operational phases that exposed the fragility of browser-based SaaS trust models inside modern educational infrastructure. What began in late April as a suspected cloud-platform compromise involving large-scale data exfiltration evolved by early May into a far more aggressive…
AI, Global Security News
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. […]
AI, Global Security News
SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
The new acquisition looks to boost visibility into third-party ecosystems that are becoming a bigger concern as vectors for supply-chain attacks.
AI, Apps, Endpoint, Europe, Global Security News, Network Security
Regional routing for AWS access portals: Implementing custom vanity domains for IAM Identity Center
AWS IAM Identity Center provides a web-based access portal that gives your workforce a single place to view their AWS accounts and applications. With the recent launch of IAM Identity Center multi-Region replication, customers can replicate their IAM Identity Center instance across multiple AWS Regions to improve resilience and reduce latency for a globally distributed…
AI, Cybersecurity, Global Security News, Risk Management
Pentagon cyber official calls advanced AI ‘revolutionary warfare’
Advanced artificial intelligence models will “fundamentally change warfare as we know it,” a top cyber official at the Defense Department said Thursday, saying it represents “not evolutionary warfare, but revolutionary warfare.” Paul Lyons, principal deputy assistant secretary for cyber policy, said the development of frontier AI models like Mythos amounted to a “watershed moment,” speaking…
AI, Exploits, Global Security News, Network Security
Meet Fragnesia, the third Linux kernel vulnerability in a month
Linux admins reeling from handling last month’s CopyFail and last week’s Dirty Frag kernel vulnerabilities have a new headache to deal with: Fragnesia. “This is a significant vulnerability,” Robert Beggs, head of incident response firm DigitalDefence, told CSO. “It is bypassing traditional filesystem permissions that are present and enforced (for example, ‘file is owned by…
Global Security News, Network Security
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco’s network control system.
AI, Global Security News, Network Security, Risk Management
HPE Names TD SYNNEX Global Distribution Partner
TD SYNNEX has been named one of HPE’s two global distribution partners as Hewlett Packard Enterprise unifies its worldwide channel model and prepares for broader partner demand around AI, cloud, and networking infrastructure. TD SYNNEX expands global HPE distribution role The new setup is designed to simplify how partners work with HPE across regions while…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
White House cyber official: identity security matters more than ever in the age of AI
As AI becomes more integrated into federal IT (and attacker toolsets) government agencies will need to focus their resources on regulating and monitoring the identities that access their network, a top White House cybersecurity official said Thursday. Nick Polk, branch director for federal cybersecurity in the Executive Office of the President, said that while AI…
AI, Global Security News
AppDirect Targets Energy Opportunity for Tech Advisors
As AI workloads drive new demand for power and infrastructure, AppDirect sees energy procurement becoming a more immediate advisory opportunity for MSPs, resellers, and technology advisors already guiding customers through cloud, software, and connectivity decisions. In an interview with Channel Insider, Benji Coomer, GM of Energy at AppDirect, said the company’s energy strategy is designed…
AI, Exploits, Global Security News
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. […]
AI, Global Security News
‘LifeHack’ Review: A High-Tech Heist
A group of digital-savvy Gen-Zers try to pull off a crypto caper in the impressively entertaining feature debut from writer-director Ronan Corrigan.
Global Security News
Suspected Dream Market kingpin arrested after gold bars sent to his home address
Lesson one for aspiring dark web kingpins: don’t have your laundered gold bars shipped to your home address. Read more in my article on the Hot for Security blog.
AI, Apps, Data Breaches, Global Security News
OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. […]
Exploits, Global Security News
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. […]
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20182 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Cisco fixed CVE-2026-20182, a flaw in SD-WAN control…
AI, Exploits, Global Security News, Network Security, Risk Management
Linux Kernel bug Fragnesia allows local root access attacks
Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed a new Linux kernel privilege escalation vulnerability named Fragnesia, tracked as CVE-2026-46300 (CVSS score of 7.8). The flaw affects the XFRM ESP-in-TCP subsystem and could allow local attackers to gain full root access…
AI, Exploits, Global Security News
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. “A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly
Global Security News, malware
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords.
Cybersecurity, Global Security News
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Cybersecurity researchers are sounding the alarm about what has been described as “malicious activity” in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious – node-ipc@9.1.6 node-ipc@9.2.3 node-ipc@12.0.1 “Early analysis indicates that node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1
AI, Global Security News, Russia
‘FrostyNeighbor’ APT Carefully Targets Govt Orgs in Poland, Ukraine
Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.
AI, Global Security News
Closing Statements Begin in Musk Trial Over OpenAI Founding, Leadership
The world’s richest man testified that OpenAI allegedly “stole a charity” in its for-profit conversion, while Sam Altman defended the change as essential for raising funds for AI.
AI, Apps, Compliance, Endpoint, Global Security News, Network Security, privacy, Risk Management
Automating post-quantum cryptography readiness using AWS Config
Migrating your TLS endpoints to Post-quantum cryptography (PQC) starts with understanding your current TLS endpoint inventory and posture. This post introduces the PQC Readiness Scanner — an automated tool that inventories your Application Load Balancer (ALB), Network Load Balancer (NLB), and Amazon API Gateway endpoints and continuously monitors their TLS configurations for PQC readiness. The…
AI, Global Security News
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game for clout and cash. Half of it feels new. Half of it feels like crap we should have fixed years…
AI, Global Security News, privacy
Apple’s App Store model for AI
Apple has a design for AI life. It hopes to build on the outstanding hardware performance its systems already provide to create a fantastic environment in which AI developers can thrive. If this plan sounds familiar it’s because it’s all about the App Store, and while it’s easy to expect Apple’s revenue share to change, the…
AI, Global Security News
Closing Statements Begin in Musk Trial Over OpenAI Founding, Leadership
The world’s richest man testified that OpenAI allegedly “stole a charity” in for-profit conversion, while Sam Altman defended the change as essential for raising funds for AI.
AI, Exploits, Global Security News, Risk Management
Broadcom releases VMware Fusion security update for root access bug
Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update for VMware Fusion to address a high-severity vulnerability, tracked as CVE-2026-41702, that could allow local attackers to escalate privileges to root on affected systems. The flaw is a time-of-check time-of-use (TOCTOU) vulnerability affecting operations…
AI, Exploits, Global Security News
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. […]
Global Security News
How Fintech APIs Are Modernizing Business Cash Flow Management
Business cash flow is often harder to manage than revenue. A company can have strong sales and still…
AI, Global Security News
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is changing transportation security. […]
Global Security News
Anthropic’s Mythos Helped Find Bugs in Apple’s Desktop Operating System
During tests in April, researchers found software issues in MacOS, one of the world’s toughest targets for hackers.
Global Security News
Anthropic’s Mythos Helped Find Bugs in Apple’s Desktop Operating System
During tests in April, researchers found software issues in MacOS, one of the world’s toughest targets for hackers.
AI, Global Security News, Network Security
Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign
Mustang Panda campaign deploys updated FDMTP backdoor against Asia-Pacific and Japan networks
AI, Exploits, Global Security News
CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE
Web infrastructure bugs remain especially dangerous when they sit in widely deployed request-handling logic for years without detection. Among the latest vulnerabilities impacting NGINX Plus and NGINX Open, the CVE-2026-42945 vulnerability stands out as an 18-year-old heap buffer overflow in ngx_http_rewrite_module that can be reached by an unauthenticated attacker through crafted HTTP requests and may…
AI, Global Security News
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The flaw is in the same class of vulnerabilities as the recently disclosed Dirty Frag bug(s). Like Dirty Frag, it affects the same Linux module (xfrm-ESP). In fact, according to Dirty Frag discoverer Hyunwoo Kim, Fragnesia…
AI, Exploits, Global Security News, Network Security
CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption
Local privilege-escalation bugs remain especially dangerous when they turn an ordinary user foothold into immediate root access. The CVE-2026-46300 vulnerability, nicknamed Fragnesia, is a high-severity Linux kernel flaw in the XFRM ESP-in-TCP subsystem that allows an unprivileged local attacker to write arbitrary bytes into the page cache of read-only files and escalate privileges. Public reporting…
AI, Cybersecurity, Data Breaches, Global Security News
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
Foxconn, one of the world’s largest manufacturers of electronics sold by major tech vendors, is recovering from a cyberattack that disrupted some of the company’s factories in North America. Nitrogen, a ransomware group that’s known for targeting organizations in the manufacturing, construction and technology sectors, claimed responsibility for the attack on its data leak site…
AI, Global Security News, Government & Policy
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057
AI, Apps, Compliance, Global Security News, Risk Management
HYCU aiR detects insider risk and AI activity from backups
HYCU has announced HYCU aiR (AI Resilience), an AI-native solution that turns backup data across dozens of applications into a live and actionable intelligence for security, compliance, and IT teams. aiR lets organizations search, query, and run purpose-built agents to surface insider risk, sensitive data exposure, identity drift, and AI agent activity, using their backup…
AI, Apps, Exploits, Global Security News
NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light
Researchers found a critical 18-year-old buffer overflow flaw in NGINX, tracked as CVE-2026-42945 and named NGINX Rift. If you run NGINX, and statistically speaking, there is a very good chance you do, this week brought news worth stopping for. Security researchers at depthfirst disclosed a critical heap buffer overflow vulnerability in both NGINX Plus and…
Global Security News
Google Launches Android Spyware Forensics Tool for High-Risk Users
Google’s Android Advanced Protection Mode is getting a new feature allowing trusted security experts to investigate potential spyware infections
AI, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management
Fleet CEO: Faster Remediation Needs IT and Partner Support
Fleet has announced new autonomous endpoint management capabilities designed to help enterprises reduce vulnerability exposure windows from months to days, and in some cases, hours, as security teams face faster exploit development and growing pressure from AI-enabled threats. The San Francisco-based company said its platform now supports continuous patching and vulnerability exposure reporting across major…
AI, Apps, Compliance, Global Security News
SAP Sapphire 2026 Intros ‘Autonomous Enterprise’ Vision
SAP wants businesses to stop treating AI like a side project and start running entire operations around it. At its annual SAP Sapphire 2026 conference in Orlando, SAP unveiled what it calls the “Autonomous Enterprise,” a strategy built around AI agents, business automation, and enterprise data systems designed to work together across finance, HR, procurement,…
AI, Compliance, Cybersecurity, Endpoint, Global Security News, Risk Management
Q&A: How MSP Platform Sprawl Strains Operations and Security
As MSPs across the US work to scale profitably while delivering stronger security outcomes, faster response times, and more consistent customer experiences, many are discovering that operational complexity is a major barrier to sustainable growth. We spoke with James Griffin, CEO of CyberSentriq, about why disconnected environments are creating inefficiencies across the channel, how platform…
AI, Global Security News, Government & Policy, malware
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an escalation in phishing-kit sophistication that could make attacks harder for traditional email and static-analysis tools to detect. Researchers at Sublime Security said in April that they identified the…
AI, Global Security News
AI Drives Cybersecurity Investments, Widening ‘Valley of Death’
In a role reversal, investment dollars in AI security startups exceeded the value of AI acquisitions in 1Q26 by more than $1 billion, a rare occurrence.
Global Security News
New Fragnesia Flaw Hands Linux Local Users Root Access
New Fragnesia kernel flaw lets unprivileged local users escalate to root on Linux systems
AI, Global Security News
Cerebras to Kick Off Hotly Anticipated Year for Artificial-Intelligence IPOs
The chip company raised its price target this week after strong demand from investors.
AI, china, Global Security News
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…
AI, Global Security News
Cofense adds AI-powered campaign detection to stop phishing attacks
Cofense has announced new advancements to its Phishing Defense Platform aimed at improving detection and response to AI-powered phishing attacks. The updates include AI-driven phishing detection, enhanced triage automation, and AI-assisted training campaign creation designed to strengthen protection across the phishing lifecycle. Phishing threats are no longer one-off emails. Attackers launch coordinated, polymorphic campaigns that…
AI, Global Security News, Network Security
KongTuke hackers now use Microsoft Teams for corporate breaches
Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. […]
AI, Global Security News
Inside the SOC: AI-powered DNS defense against ransomware
Use AI-powered predictive DNS defense in Cisco Secure Access to disrupt ransomware and streamline your SOC investigations.
Global Security News
Graphon Says Its ‘Intelligence Layer’ Will Lighten the Load on AI Models
CEO Arbaaz Khan says the company’s approach analyzes the relationships between pieces of data more efficiently and cheaply than large language models do.
Global Security News
Foxconn Attack Highlights Manufacturing’s Cyber Crisis
A Nitrogen ransomware attack on Foxconn’s North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the sector for its low tolerance for downtime.
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises
Credential theft malware rarely announces itself with ransomware-level noise. Instead, it operates like a silent siphon hidden inside everyday business workflows: invoices, payroll files, purchase orders, procurement requests. Agent Tesla campaigns are especially dangerous because they target the operational arteries of organizations, harvesting credentials that enable deeper compromise, business email compromise (BEC), financial fraud, cloud account takeover, and long-term…
AI, Endpoint, Exploits, Global Security News
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
PraisonAI vulnerability gets scanned within 4 hours of disclosure
A newly disclosed authentication bypass flaw in the open-source AI orchestration framework PraisonAI was probed by internet scanners less than four hours after its public disclosure. According to Sysdig observations, roughly three hours and 44 minutes after a GitHub advisory dropped, a scanner identifying itself as “CVE-Detector/1.0” was already looking through the exposed PraisonAI instances…
AI, Exploits, Global Security News, Risk Management
How AI Hallucinations Are Creating Real Security Risks
AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have a mechanism to recognize that. Instead, it generates the most probable response based on patterns in its training data, even if that response is inaccurate.…
Global Security News
Microsoft’s WinUI agent plugin trims token use by over 70% during development
Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX packaging. The WinUI agent plugin ships one agent, eight skills, and several supporting tools targeting the loop developers run dozens of times a day: scaffold, build, run,…
Global Security News, malware
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations.
AI, Global Security News
Microsoft turns Copilot Studio into an AI agent control center
The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent status in the authoring experience, giving admins insight into each agent’s security and protection posture. Customers can identify issues such as authentication gaps or policy impacts and investigate them at the source.…
Global Security News
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. […]
AI, Cybersecurity, Global Security News, Government & Policy
AI cyber capability is speeding past earlier projections
AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI measures AI cyber capability using “time horizon benchmarks”, which estimate how long AI systems can complete cybersecurity tasks autonomously compared to human experts. “In February 2026, we estimated that frontier models’…
Global Security News
When ransomware gets physical: cybercriminals turn to threats of violence
Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message. Read more in my article on the Hot for Security blog.
Cybersecurity, Global Security News
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON). The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse
AI, Global Security News
Most Organizations Now Use AI Agents for Sensitive Security Tasks
Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure
AI, Cybersecurity, Global Security News, Government & Policy, Network Security, Risk Management
What CISOs need to land a board role
Cybersecurity leaders often have complex relationships with their boards. Many boards lack cyber expertise, and CISOs can encounter roadblocks as a result when it comes to earning board approval. Other security leaders may not have a direct line to their board, or they may be viewed as too technical to win the support needed. One…
AI, Global Security News
US charges suspected Dream Market admin arrested in Germany
The alleged main administrator of Dream Market Incognito Market, one of the largest dark web marketplaces before its shutdown, has been indicted in the United States on money laundering charges. […]
AI, Global Security News
FrostyNeighbor: Fresh mischief and digital shenanigans
ESET researchers uncovered new activities attributed to FrostyNeighbor, updating its compromise chain to support the group’s continual cyberespionage operations
AI, Apps, china, Endpoint, Europe, Exploits, Global Security News, malware, Network Security, Russia
FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign
Chinese-linked FamousSparrow repeatedly targeted an Azerbaijani oil and gas company, reusing the same entry point in three intrusions from Dec 2025 to Feb 2026. Chinese-linked threat actor FamousSparrow has conducted a sustained intrusion campaign against an Azerbaijani oil and gas company, returning to the same compromised entry point three separate times between late December 2025…
AI, Apps, Compliance, Global Security News, Risk Management
HYCU Launches New Capability for Backup Data Use
HYCU, a SaaS data protection company, is launching aiR (AI Resilience), a new capability inside the HYCU R-Cloud platform. The new capability turns backup data into a live intelligence layer for security, compliance, and risk teams. AI Resilience solution leverages backup records to observe AI use It takes the backup records organizations have of who…
AI, Global Security News
CERN’s open source KiCad library gives the world 17,000 circuit board components
CERN has released its complete KiCad component library under an open source license, making it available to hardware designers anywhere in the world. The library, maintained by CERN’s Design Office, contains more than 17,000 electronic components in the form of schematic symbols and printed circuit board footprints. Layout of a printed circuit board made using…
Global Security News
New Fragnesia Linux flaw lets attackers gain root privileges
Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) that allows attackers to run malicious code as root. […]
AI, Global Security News
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score:…
AI, APAC, Apps, Endpoint, Global Security News
How Southwest Airlines is putting endpoint operations on autopilot
As digital tools become more central to its operations, Southwest Airlines is increasingly turning to AI and automation to prevent endpoint issues from affecting the sprawling airline. The new tools allow the company’s IT team to take a more strategic, rather than reactive, approach to operations, said Derek Whisenhunt, head of end user computing at…
AI, Cybersecurity, Data Breaches, Global Security News, Risk Management
Nitrogen Ransomware claims massive data theft from Foxconn
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North American factories were affected by a cyberattack. The manufacturer confirmed it was targeted by threat actors after the Nitrogen ransomware group listed it on its Tor…
AI, Exploits, Global Security News
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when it comes to identifying malicious messages. Any e-mail placed in this folder is stripped of all formatting, and destinations of all links included in the message become visible to the…
AI, Cybersecurity, Global Security News
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a