Hunt.io mapped 1,350+ C2 servers across the Middle East, revealing how a small group of providers quietly supports major malware activity. For years, threat intelligence focused mostly on malware families, phishing domains, and individual indicators. But a new report from Hunt.io shows why defenders may need to pay closer attention to something more boring, hosting…
Global Security News
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
AI, Apps, Global Security News
With AI, typing’s out, talking’s in
Eight months ago, LinkedIn co-founder and former CEO Reid Hoffman confessed: “I am voicepilled.” He argued that talking instead of typing was the next great leap in computing. Being “voicepilled,” he said, was the epiphany that you can be vastly more productive and creative when not bogged down by the Victorian-era contraption known as the…
AI, Global Security News, malware
Cross-Platform NPM Stealer, (Fri, May 22nd)
I found a Node.js stealer that looked pretty well obfuscated. The file was not running out-of-the-box because it was uploaded on VT as “extracted-decoded.js” (and reformated). The SHA256 is 049300aa5dd774d6c984779a0570f59610399c71864b5d5c2605906db46ddeb9[1]. It did not run properly in a sandbox so only a static analysis was performed. The key point is that it is a cross-platform stealer…
AI, Global Security News, Risk Management
Controlling AI Agents: Why Detection Is Too Late
This is Part 2 of a 2-part series. Read Part 1: Your AI Agent Doesn’t Care About Your Controls If AI agents change how execution happens, they also expose a fundamental limitation in how most security controls operate. Many control models assume there is sufficient time to detect, assess, and respond to events before they result in…
Cybersecurity, Exploits, Global Security News
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-34291 (CVSS score: 9.4) – An origin validation error vulnerability in Langflow that could
Endpoint, Exploits, Global Security News
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 (CVSS score: 10.0), the vulnerability arises from insufficient validation and authentication when accessing REST API endpoints. “An attacker could exploit this vulnerability if they are able to send
Global Security News
Downtime has become a $600 billion business problem
The average cost of downtime has reached $600 billion for the Global 2000, a 50% increase in two years. According to Splunk’s The Hidden Costs of Downtime report, unplanned outages and service degradation cost each company an average of $300 million. Percentage of technology executives who consider a direct cost very or prohibitively disruptive (2024…
AI, Global Security News, Risk Management
The new economics of fraud: Cheaper, faster, more convincing
Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, according to Visa’s Spring 2026 Biannual Threats Report. Criminals redirect efforts toward trust and third parties Fraud involves behavioral manipulation, fragmented ecosystems, and faster attack cycles that use AI to pressure people into authorizing payments themselves.…
AI, Global Security News
New infosec products of the week: May 22, 2026
Here’s a look at the most interesting products from the past week, featuring releases from ASAPP, Babel Street, CTERA, Forward, Riverbed, and Trust3 AI. Babel Street targets AI-driven threats with new agentic investigation capabilities Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative…
Global Security News
ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Global Security News
How SpaceX’s IPO Cements Elon Musk’s Grip on the Company
With supervoting shares and help from Texas state law, the CEO has worked to address governance issues he has faced at Tesla.
Global Security News
Space X’s Ambitions Are Intergalactic. Its Business Is Selling You Internet.
The world’s richest man needed lots of money—and a moonshot. So he built Starlink.
Global Security News
SpaceX Postpones Launch of Newly Redesigned Starship
The company estimates it has spent $15 billion developing its next-generation rocket.
Global Security News, malware
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
Void Dokkaebi, a North Korea-aligned intrusion set, has updated its information-stealing malware, InvisibleFerret, shifting its delivery format to evade script-based detections.
Global Security News
Wahlap data leak exposes 18.9 million records from WeChat mini-program ecosystem
Security researchers discovered an open Elasticsearch instance belonging to Wahlap, a prominent arcade game manufacturer that collaborates with industry giants like Sega.
Global Security News
Deleted Google API keys remain active for up to 23 minutes, study finds
While the Google Cloud Platform console indicates immediate deletion, researchers found that keys take an average of 16 minutes to become fully inactive, with the longest observed delay reaching 23 minutes.
china, Global Security News
New Linux malware ‘Showboat’ targets Middle East telecom provider
Showboat is believed to be utilized by Chinese-affiliated threat actors, with command-and-control infrastructure linked to Chengdu, China.
Global Security News, Russia
‘First VPN’ service used by cybercriminals dismantled in international operation
First VPN marketed itself on Russian-speaking cybercrime forums as a reliable tool for anonymity, offering features like anonymous payments and concealed infrastructure to help users evade law enforcement.
Global Security News
Nvidia releases driver updates to fix 14 critical vulnerabilities
The vulnerabilities affect GeForce, RTX, Quadro, Tesla, and NVS product lines, as well as vGPU and Cloud Gaming software.
AI, Global Security News, Government & Policy, Network Security
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
Authorities arrested and unsealed charges against a Canadian man accused of running Kimwolf, one of the most far-reaching DDoS botnets on record, the Justice Department said Thursday. Jacob Butler was arrested Wednesday in Ottawa, Canada, and awaits extradition to the United States where he is charged with aiding and abetting computer intrusions and, if convicted,…
AI, china, Endpoint, Exploits, Global Security News, Network Security
Critical vulnerability in Cisco Secure Workload rated at maximum severity
A critical vulnerability in the on-premises version of the Cisco Secure Workload security platform could allow a threat actor to obtain the privileges of a site admin, enabling them to compromise endpoints and read or modify configuration data. “CSOs need to drop what they are doing and patch this immediately,” warned consultant Robert Enderle, who…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware
Microsoft patches two zero-day flaws in Defender
Microsoft released emergency fixes for two zero-day vulnerabilities in the malware protection components of Microsoft Defender. The flaws allow local attackers to gain system-level privileges or cause the anti-malware service to stop working correctly. Both conditions are valuable in a malware attack, first to prevent detection if the system relies only on Microsoft endpoint protection…
AI, Apps, Europe, Global Security News, Government & Policy, Network Security
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Unpatched ChromaDB flaw leaves servers open to remote code execution
Researchers have published details about a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and access sensitive data on machines running the open-source vector database. The issue, tracked as CVE-2026-45829, is located in ChromaDB’s API server and was published by researchers at HiddenLayer after reportedly failing to get in contact…
AI, Global Security News
How CISOs Should Prep for Agentic-Ready AI BOMs
Finding ways to document both component and execution attributes for AI bill of materials (AI BOM).
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability CVE-2009-1537 Microsoft DirectX NULL…
AI, Global Security News
Google API Keys Remain Active After Deletion
A security researcher discovered the API keys can still be used for 23 minutes after deletion, even though the cloud provider claims deletion is immediate.
AI, APAC, china, Cybersecurity, Funding, Global Security News, Government & Policy, Network Security, Russia
Lawmakers from both parties say CISA cuts have gone too far
Two cybersecurity-focused members of Congress agreed Thursday that reductions to the Cybersecurity and Infrastructure Security Agency have done too much damage to an agency essential to defending civilian networks against foreign adversaries. Rep. Don Bacon, R-Neb., and Rep. James Walkinshaw, D-Va., spoke during a discussion at the National Cyber Innovation Forum. Despite representing different parties,…
AI, Compliance, Global Security News, Network Security, privacy, Risk Management
AWS KY3P report now available for third-party supplier due diligence
We’re excited to announce that Amazon Web Services (AWS) has completed the S&P Global Know Your Third Party (KY3P) assessment of its security posture. This assessment demonstrates our continued commitment to meet the heightened expectations of cloud service providers. Customers can now use the AWS KY3P assessment to reduce their supplier due diligence burden. KY3P,…
Global Security News
Social-Media Companies Settle Youth-Harm Case Ahead of Wave of Trials
The companies reached a settlement with a Kentucky school district to avoid a coming trial over accusations that they intentionally designed their platforms to addict young people.
AI, china, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Russia
Trump postpones executive order focused on AI security
President Donald Trump said he would postpone the release of an executive order that would set up a 90-day testing and vetting regime for frontier AI models, hours before the White House was set to publicly announce the signing. Speaking to reporters in the Oval Office Thursday, Trump said he opted to delay the order…
AI, Funding, Global Security News
What an OpenAI IPO Might Mean for the Channel
OpenAI is reportedly preparing for an initial public offering (IPO), a move that could significantly impact both the consumer AI market and the channel ecosystem as we know it. As the company behind arguably the world’s most recognizable AI platform, OpenAI’s transition into a publicly traded company could unlock new opportunities, partnerships, and revenue streams…
AI, Global Security News
Too Much Work to Do? Have Your Digital Twin Handle It
In a glimpse into the future, a small number of executives have created AI replicas to take over some of their responsibilities.
AI, Global Security News
Google accidentally exposed details of unfixed Chromium flaw
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. […]
AI, Europe, Global Security News, Network Security, privacy, Russia
Global law enforcement operation takes First VPN offline
Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First VPN offline, a service that had become a quiet staple for ransomware crews, data thieves, and other cybercriminals trying to hide in plain sight. “The coordinated…
AI, Global Security News, malware
Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown
Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple ‘s annual fraud prevention report for 2025 paints a striking picture of just how much effort goes into keeping the App Store clean. The numbers are significant: more than two million app…
Data Breaches, Global Security News
Defenders fall behind, as AI rewrites the rules of a data breach
For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that’s no longer the case. Read more in my article on the Fortra blog.
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
CISA chief frets about open-source vulnerabilities, delayed security improvements
Securing some of the open-source technology that serves as the backbone for all modern digital infrastructure is going to require some “hard decisions” amid a wave of malware attacks, the leader of the Cybersecurity and Infrastructure Security Agency said Thursday. “The open-source community is one that I’m particularly worried about when we start to think…
AI, Global Security News
California Governor Signs Order on AI Aimed at Helping Workers
Gavin Newsom’s move follows broadening signs of public discontent over AI’s impact on jobs.
Global Security News
Trump Postpones AI Executive Order Due to Concerns About Overregulation
The White House had been weighing more oversight over the fast-growing industry.
AI, china, Compliance, Europe, Funding, Global Security News, Government & Policy, Risk Management, Venture
EU moves forward on $5.8B scale-up fund to keep startups from leaving
The European Union has stepped up efforts to grow its homegrown tech sector and reduce dependence on US firms, advancing plans this week for a €5 billion ($5.8 billion) fund to help startups scale in Europe rather than seek capital or buyers abroad. Analysts welcomed the initiative, but said its success will depend on whether…
Global Security News
Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude
AI, APAC, Global Security News, privacy
Do Apple’s accessibility efforts point at its AI plans?
You can usually measure a society by the way it treats its most vulnerable populations, and technology often can help people live better, more autonomous lives. Apple firmly believes that, and this year’s raft of accessibility announcements introduced to mark Global Accessibility Awareness Day shine a light on that belief. The company has won a string of awards…
AI, Global Security News
Microsoft open-sources tools for designing and testing AI agents
Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. The release comes from Microsoft’s AI Red Team, the company’s internal unit that stress-tests its own AI systems, and both tools have been used internally before being open-sourced. RAMPART:…
AI, Europe, Global Security News, Network Security, Russia
European authorities take down prolific cybercrime VPN service
European authorities took down a prominent virtual private network service and arrested the alleged administrator behind an operation that cybercriminals used to steal data, commit fraud and ransomware attacks, Europol said Thursday. First VPN, which was promoted on Russian-speaking cybercrime forums, gained popularity for providing services that allowed users to hide their infrastructure and identities.…
AI, Global Security News
Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds
Deleted Google API Keys remain active for up to 23 minutes after deletion, exposing GCP, Gemini, BigQuery, and Maps data to attackers.
AI, Apps, Compliance, Global Security News
Automating identity lifecycle and security with AWS Directory Service APIs
Managing identities and access across complex environments has become more critical than ever. AWS Directory Service for Managed Microsoft Active Directory, also known as AWS Managed Microsoft AD, has added new capabilities to manage users and groups. Now, you can perform create, read, update, and delete (CRUD) operations on users and groups directly through AWS…
AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
7 Best Attack Surface Management Software in 2026
This guide is for IT leaders and security teams looking to improve visibility into organizational risks and reduce their attack surface in 2026. It covers the best attack surface management (ASM) software and the key features businesses should evaluate when selecting the right solution for proactive threat detection and risk mitigation. Key Points on Attack…
Global Security News
SpaceX Set to Launch Upgraded Starship on Pre-IPO Test Flight
The company estimates it has spent $15 billion developing its next-generation rocket.
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
6 Best Vulnerability Management Software & Systems for 2026
This guide is for IT leaders, security teams, and vulnerability management professionals looking to improve security visibility and remediation across their environments in 2026. It covers the best vulnerability management software and systems, along with the key features organizations should evaluate when selecting the right solution for their security operations. Key Takeaways about the Best…
AI, Global Security News
AI Agents Are Shifting Identity Security Budget Dynamics
AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent identity budget dynamics are very different than traditional IAM projects.
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
2026 Verizon DBIR: The New Era of Cyber Threats
The 2026 Verizon Data Breach Investigations Report (DBIR) paints a clearer picture of today’s cybersecurity landscape: attackers are moving faster, artificial intelligence is accelerating cybercrime, and organizations continue to struggle with foundational security practices. Key Takeaways from the 2026 Verizon DBIR Report Vulnerability exploitation (31%) overtook credential abuse (13%) as the top initial access vector…
Global Security News
Cybercriminal VPN Dismantled in Europol Crackdown
First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol
AI, Global Security News
Even at $5 Trillion, Nvidia Is Underappreciated
Competition is growing, but the AI chip maker’s sluggish stock doesn’t give enough credit for its strong position.
Global Security News
Apple blocked over $11 billion in App Store fraud in 6 years
Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent App Store transactions in 2025 alone. […]
AI, Global Security News
GitHub Breach Traced to Malicious ‘Nx Console’ VS Code Extension
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace
AI, Global Security News
Enhancing Cisco Secure Email Gateway: Safer Clicks and Cleaner Files
Cisco Secure Email Gateway enhancements: RBI neutralizes web-based threats via isolated browsing, CDR sanitizes malicious components from email attachments.
AI, Endpoint, Exploits, Global Security News, Network Security
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix
Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catch than an unpatched system: a patched system where the patch did not actually work because nobody followed all the steps. That is…
AI, Cybersecurity, Exploits, Global Security News, malware
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. “Showboat is a modular post-exploitation framework designed for Linux systems, capable of spawning a remote shell, transferring files, and functioning as a…
AI, Global Security News, Network Security
Authorities dismantle First VPN, used by ransomware actors
First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. During the operation, French and Dutch authorities, with support from Europol and Eurojust, dismantled 33 servers linked to the service and interviewed the operator in Ukraine. The…
AI, Apps, china, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management, Venture
AI, Cybersecurity Education, and the Defense of America’s Digital Border
Artificial intelligence (AI) is reshaping cybersecurity at a pace that is forcing educators, businesses, and governments to rethink workforce development and national defense strategies. During a recent discussion with cybersecurity entrepreneur and ConnectSecure Chairman, Arnie Bellini, key themes emerged around the evolution of cyber threats, the importance of protecting America’s “digital border,” and the urgent…
AI, Global Security News
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
Modern crypto drainers don’t hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. […]
china, Global Security News
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
“Showboat” doesn’t show off, but clearly it doesn’t need to, as it’s long helped China spy on small market communications providers.
AI, Global Security News, malware
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. […]
AI, Global Security News
Max severity Cisco Secure Workload flaw gives Site Admin privileges
Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. […]
AI, Data Breaches, Global Security News
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of the otherwise benign extension was used to steal secrets and developer credentials, which were then used to…
AI, Global Security News, Network Security
Selective HTTP Proxying in Linux, (Thu, May 21st)
Recently, Rob wrote about a tool, Proxifier, that can intercept requests from specific processes. Proxifier is available for Windows, macOS, and Android. But I have not seen a generic Linux option yet. The advantage of a tool like Proxifier is the ability to target specific software. For debugging, reverse engineering, and similar tasks, selecting a…
AI, Endpoint, Exploits, Global Security News, Risk Management
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload
Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests. Cisco released patches for a critical vulnerability, tracked as CVE-2026-20223 (CVSS score of 10.0), in Secure Workload. The flaw stems from insufficient validation and authentication in REST API endpoints. According to Cisco, remote attackers could…
Global Security News, Network Security
Police seize “First VPN” service used in ransomware, data theft attacks
A virtual private network service called ‘First VPN,’ used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. […]
AI, Global Security News
Content Delivery Exploit Opens Websites to Brand Hijacking
The Underminr domain-fronting attack allows threat actors to modify Web requests and leverage trusted websites to cloak malicious activity.
AI, Cybersecurity, Global Security News, malware, Risk Management
Your AI Agent Doesn’t Care About Your Controls
This is Part 1 of a 2-part series on AI agents and control assurance. Read Part 2: Controlling AI Agents: Why Detection Is Too Late The cybersecurity industry has spent years investing in visibility. Dashboards have improved, detection tooling has matured, and the volume of telemetry available to security teams has increased significantly. Most organisations…
AI, APAC, Apps, Global Security News
AI Demand Pushes Neoclouds into the Channel Conversation
Neocloud providers are gaining momentum as enterprises look for more GPU capacity to support AI training, fine-tuning, and inference. For MSPs, resellers, and system integrators, that shift could expand the cloud infrastructure conversation beyond hypescalers. As AI workloads push customers to compare every available option, partners have an opportunity to advise on cost, capacity, workload…
AI, Global Security News, Risk Management
Three-Quarters of Firms Knowingly Ship Vulnerable Code
AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers
AI, Global Security News
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users.
AI, Global Security News
Workday’s Returning CEO Has a Plan to Survive the AI Era
The software company isn’t an AI native. But Aneel Bhusri has established an AI task force and is launching new agents for IT and corporate travel.
Global Security News
U.S. to Award Quantum-Computing Firms $2 Billion and Take Equity Stakes
The Trump administration hopes to spur “a new era of American innovation,” Commerce Secretary Howard Lutnick says.
AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Risk Management
SharePoint On-Prem End of Life: 2026 Migration Guide
With Microsoft ending support for SharePoint Server 2016 and 2019 on July 14, 2026, organizations still running on-premises SharePoint face a shrinking window to modernize aging collaboration environments before security updates, bug fixes, and vendor support disappear. SharePoint 2019 On-Prem lives on, but without Microsoft support For over a decade, local SharePoint deployments have served…
AI, Cybersecurity, Global Security News
AI-generated reporting: Lessons learned from Cisco Talos Incident Response
Talos IR shares prompt engineering lessons for consistent, accurate AI-generated cybersecurity reports with a realistic case study.
Global Security News
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally
AI, Global Security News, privacy
Microsoft refreshes Surface line with biz-friendly features – and a high price tag
Microsoft this week refreshed its Surface for Business range of devices, adding features designed to appeal to enterprises. But high prices for the devices might be hard for IT buyers to swallow. Microsoft announced a new Surface Pro for Business on Tuesday, alongside two variants of its Surface Laptop for Business devices – a premium…
AI, Global Security News
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust. That is what makes it worrying.…
AI, Cybersecurity, Global Security News, malware
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
Global Security News
Flipper One project needs community help to build open Linux platform
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. […]
AI, Exploits, Global Security News, malware
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog. The vulnerabilities CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware Protection Engine improperly resolving links before accessing files. “An attacker who successfully exploited this vulnerability…
AI, Exploits, Global Security News
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges. “Improper link resolution before file access (‘link following’)…
Global Security News
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have…
AI, Apps, Global Security News, Risk Management
Microsoft releases open-source tools to operationalize AI agent safety
Microsoft has open-sourced two new tools aimed at bringing AI safety checks much earlier into the agent development lifecycle. The tools, called Rampart and Clarity, were announced this week as part of Microsoft’s broader push to operationalize safety engineering for agentic AI. “We built these tools because we believe that AI safety has to become…
Global Security News
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
Bitdefender researchers reveal how cyberattackers are abusing the built-in Windows MSHTA utility to silently deploy loaders and infostealers.
AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Risk Management
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
There’s this old proverb that’s stuck with me over the years: “Dig the well before you are thirsty.” It really means you should prepare for the crisis before it arrives. In cybersecurity, it’s a mentality that’s long underpinned investment, strategy and board-level conversations. And by many measures, organizations appear to have already ‘dug’ that well.…
Global Security News
U.S. to Award Quantum Computing Firms $2 Billion and Take Equity Stakes
The Trump administration hopes to spur ‘a new era of American innovation,’ Commerce Secretary Howard Lutnick says.
AI, Global Security News
Even at $5 Trillion, Nivida Is Underappreciated
Competition is growing, but the AI chip maker’s sluggish stock doesn’t give enough credit for its strong position.
Global Security News
SpaceX, Anthropic and OpenAI’s Sprint to Go Public Defines the AI Boom’s Big Day
Silicon Valley’s hottest startups are competing fiercely as big tech firms contend with fickle investors and hard choices.
AI, Cybersecurity, Global Security News, malware
Hackers Stealing Bank Accounts from iPhone and Android Users Using AI
As the AI universe expands, so have the cybercriminals that use AI for hacking. Recent reports are showing that bank attacks using AI has increased over 400%, with savvy criminals staying ahead of anti-fraud measures. Another report for 2025 has identified 1,243 financial brands as their main targets in 90 countries and 34 active malware…
Global Security News
Virtru centers file collaboration around data-level protection
Virtru unveiled Virtru Collaborate, a new offering that eliminates that tradeoff, a FedRAMP authorized space where sensitive files are encrypted and protected by the Trusted Data Format (TDF), and where that protection travels seamlessly with the data as teams work together across organizational boundaries. Virtru Collaborate is the first solution built on the new Virtru…
AI, Global Security News
ASAPP expands adversarial testing for enterprise AI systems
ASAPP has launches Continuous Red Teaming, a new capability that integrates adversarial AI testing directly into ASAPP’s model evaluation framework. The new capability is built on Promptfoo, an AI security platform that helps enterprises detect and address vulnerabilities in AI systems during development. Promptfoo continuously runs automated tests across ASAPP’s AI systems, screening for more…
AI, Cybersecurity, Global Security News, Risk Management
Tenable Hexa AI automates remediation across attack surfaces
Tenable has announced the general availability of Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform. Tenable Hexa AI is an advanced agentic AI for cybersecurity solution, equipped with advanced multi-step reasoning and Model Context Protocol (MCP) support, enabling custom agent building and workflows that accelerate risk reduction at machine…
AI, Data Breaches, Global Security News
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Grafana Labs has confirmed a recent data breach was caused by the TanStack supply chain attack
AI, Global Security News
Shifting Budget Dynamics for Identity Security and AI Agents
AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent identity budget dynamics are very different than traditional IAM projects.
Exploits, Global Security News
Microsoft warns of new Defender zero-days exploited in attacks
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. […]