The newly identified issue, similar to a previously patched vulnerability in the Windows Snipping Tool (CVE-2026-33829), resides in the search URI handler.
Tag: tool
Global Security News
Why you need BAS and autonomous pentesting together
Most security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account that has been sitting idle for years. Great. The red team feels like it’s found…
AI, Global Security News
Pointing a Cursor at evading detection
AI accelerated tool development and testing, but humans drove the workflow Categories: Threat Research Tags: AI, EDR
AI, Compliance, Europe, Global Security News, Network Security, Risk Management
IBM unveils tool to track sovereignty risks for cloud workloads
IBM has launched a tool designed to help customers assess cloud-sovereignty risks and meet regulatory compliance requirements. The Sovereignty Risk Profile launch comes as digital sovereignty becomes a higher priority for organizations concerned about where data is stored and processed. According to an IBM survey, 93% of executives believe sovereignty needs to be part of…
Global Security News
Canonical releases Workshop for one-command sandboxed dev environments on Ubuntu
Canonical released Workshop, a tool that launches sandboxed development environments on Ubuntu with a single command. Environments are configured once and reproduced on different machines, giving teams consistent setups across development workstations and deployment pipelines. A terminal showing the output of the workshop launch and list commands (Source: Canonical) How Workshop defines environments Workshop environments…
Global Security News
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they should’ve patched years ago. Good times. Phishing crews are getting smarter too –…
AI, Cybersecurity, Global Security News
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365. It enables cyber criminals to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) protocols without intercepting the user’s credentials by capturing Oauth tokens linked to the victim’s Microsoft 365 account. The scam works…
AI, Cybersecurity, Global Security News
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365. It enables cyber criminals to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) protocols without intercepting the user’s credentials by capturing Oauth tokens linked to the victim’s Microsoft 365 account. The scam works…
Global Security News, Russia
‘First VPN’ service used by cybercriminals dismantled in international operation
First VPN marketed itself on Russian-speaking cybercrime forums as a reliable tool for anonymity, offering features like anonymous payments and concealed infrastructure to help users evade law enforcement.
AI, Global Security News, Network Security
Selective HTTP Proxying in Linux, (Thu, May 21st)
Recently, Rob wrote about a tool, Proxifier, that can intercept requests from specific processes. Proxifier is available for Windows, macOS, and Android. But I have not seen a generic Linux option yet. The advantage of a tool like Proxifier is the ability to target specific software. For debugging, reverse engineering, and similar tasks, selecting a…
Global Security News
Flipper One project needs community help to build open Linux platform
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. […]
AI, Global Security News, Risk Management
Novata uses AI to map risk across portfolios and supply chains
Novata has announced the launch of Risk Atlas, a new AI-powered risk monitoring tool designed to help organizations identify, compare, and prioritize risks across portfolios and supply chains. Framework for comparative risk visibility Risk Atlas provides a single, customizable framework for comparing risk across entities, normalizing diverse risk signals into a comparable view across portfolios…
AI, Apps, Cybersecurity, Global Security News, Network Security, Risk Management
EnterpriseClaw wants to bring governance to the OpenClaw era
Autonomous agent orchestration tool OpenClaw hit the scene last November and immediately went viral, but its dramatic flaws were exposed just as quickly. Still, it marked a pivotal step in the agentic AI era, and enterprises have been exploring ways to deploy fleets of autonomous agents safely and securely ever since. Automation Anywhere Tuesday rolled…
Global Security News
Google Unveils New Gemini AI Agent for Personal Tasks
The tech firm highlights both Spark and Omni, a video-creation tool, at its annual developer conference.
Data Breaches, Global Security News
Grafana Labs Confirms Hackers Stole Source Code
Open source tool maker Grafana says hackers stole codebase via GitHub breach
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Global Security News, Network Security, Risk Management
Top 21 MSSP Software to Best Serve Security Clients in 2026
MSSP software is a tool or platform that enables managed security service providers (MSSPs) to deliver outsourced cybersecurity services to organizations. Unlike traditional MSP software, MSSP tools focus specifically on security functions such as threat detection, access control, vulnerability management, and infrastructure protection. MSSPs support organizations ranging from small businesses to enterprises and play a…
Global Security News, malware
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. According to Broadcom-owned Symantec and Carbon Black teams, the pre-Stuxnet tool was engineered to corrupt uranium-compression simulations that are central to nuclear weapon design. “Fast16’s hook engine is selectively interested…
AI, Apps, Global Security News, malware, Network Security
Fake Claude Code takes the IElevator to your browser secrets
Developers looking for Anthropic’s increasingly popular Claude Code tool are now being lured into downloading malware. According to researchers at Ontinue, attackers are abusing a fake Claude Code installer to deliver a previously undocumented PowerShell payload. The malware is designed to evade detection, recover browser encryption material, and steal sensitive data from developer systems. “Developers…
AI, Global Security News, Network Security
Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root
Recent disclosures have revealed that open-source networking tool dnsmasq is grappling with a serious set of vulnerabilities. The problems span memory safety and input validation, with researchers identifying heap buffer overflows, heap corruption, and code execution bugs among the issues. Taken together, the security flaws open the door to various attacks: poisoning cached DNS entries,…
Global Security News, Network Security
New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. […]
Apps, Global Security News
Open-source MCP server monitoring for Python apps
Pythonic Model Context Protocol servers handle tool calls, session events, module imports, and subprocess activity. BlueRock has released MCP Python Hooks, an open source runtime sensor that gives developers a way to capture those signals without modifying application code. What the sensor captures The tool wraps a Python process at startup so its hooks initialize…
AI, Global Security News
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your perimeter controls don’t see it. Your MFA doesn’t stop it. And when an attacker gets…
Global Security News
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. […]
Exploits, Global Security News
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers’ servers. […]
AI, Global Security News
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and time-consuming to undertake.
AI, Global Security News
New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks
Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.
Global Security News
Linux storage management tool Stratis 3.9.0 adds online encryption and cache-less pool startup
Stratis is a tool for configuring pools and filesystems with enhanced storage functionality within the existing Linux storage management stack. It focuses on a command-line interface, an API, and an automated approach to storage management. It builds on existing components, including device-mapper, LUKS, XFS, and Clevis. Stratis can configure encrypted or unencrypted storage pools with…
AI, Compliance, Global Security News, Risk Management
TLS Connect gives SMBs a right-sized automated tool to manage TLS certificates
GMO GlobalSign today launched TLS Connect, a Certificate Lifecycle Management (CLM) tool designed specifically for SMBs. TLS Connect automates public trust TLS certificate deployment and renewal, allowing SMBs to strengthen security, maintain regulatory compliance and reduce business risk. The introduction of TLS Connect comes on the heels of the first in a series of TLS…
AI, Global Security News, malware, Network Security
Trigona ransomware adopts custom tool to steal data and evade detection
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomware attacks used a custom-built data exfiltration tool instead of common utilities like Rclone or MegaSync. This shift, seen in March 2026 incidents, gives attackers more control and…
Global Security News
Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. […]
Global Security News
Anthropic Probes Possible Unauthorized Access to Mythos AI Model
The incident could complicate efforts to keep a tight lid on a tool that has spooked the White House and businesses.
AI, APAC, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security
Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered
Two weeks after researchers using an AI tool discovered a major hole in Apache’s ActiveMQ messaging middleware, there are still thousands of unpatched instances open to the internet, more evidence that many application developers and IT leaders aren’t paying close attention to warnings about vulnerabilities. While the remote code injection vulnerability [CVE-2026-34197] was revealed on…
AI, Exploits, Global Security News
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply chains.
AI, Global Security News
OpenAI Is Working With Consultants to Sell Codex
The ChatGPT maker said it has four million weekly active users for its AI coding tool, up from three million two weeks ago.
Global Security News, malware
⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push payloads. It’s not breaking systems—it’s bending trust.…
AI, Global Security News
Why Most AI Deployments Stall After the Demo
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don’t fail because of bad technology. They stall because what…
AI, Apps, Cybersecurity, Data Breaches, Global Security News
Third-party AI hack triggers Vercel breach, internal environments accessed
Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach caused by the compromise of a third-party AI tool, Context.ai, used by one of its employees. The attacker took over the employee’s Google Workspace account and used it…
AI, Global Security News, Network Security
Copado Puts AI Agents Inside DevOps Workflows
Copado just rolled out Agentia, a shiny new AI tool that adds automated agents into the day-to-day work of building, testing, and releasing software in Salesforce. How agentic AI is developing code and other time-intensive workloads That means the agents aren’t just suggesting things or answering questions; they’re actually writing code, running tests, diagnosing failures,…
Endpoint, Global Security News, Government & Policy
Signed software abused to deploy antivirus-killing scripts
A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and healthcare sectors. […]
AI, Global Security News
W3LL phishing service sold for $500 dismantled by the FBI
The W3LL phishing kit, a cybercrime tool used to impersonate legitimate login pages and steal usernames and passwords, has been dismantled by the FBI and Indonesian law enforcement authorities. Officials estimate the operation was tied to more than $20 million in attempted fraud. (Source: FBI) “For a fee of about $500, users could purchase access…
Global Security News
Anthropic Adds Novartis CEO to Board
The startup behind the popular Claude chatbot and coding tool is eyeing a potential IPO as soon as this year.
AI, Compliance, Europe, Global Security News, Government & Policy, malware, Network Security, privacy
Citizen Lab: Webloc tracked 500M devices for global law enforcement
Citizen Lab reported that law enforcement used the surveillance tool Webloc to track up to 500M devices via ad data globally. A report by Citizen Lab revealed that law enforcement agencies in the U.S., Hungary, and El Salvador used a surveillance tool called Webloc to track devices via advertising data, potentially affecting up to 500…
AI, Endpoint, Exploits, Global Security News, malware
CVE-2026-39987: Marimo RCE exploited in hours after disclosure
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9…
Cybersecurity, Exploits, Global Security News, malware
Claude Code source leak exploited to spread malware
A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versions of the software. Leaked Claude Code source code used as lure On March 31, 2026, Anthropic accidentally exposed online the source code of…
AI, Global Security News
Agent Computers: The PC Era, Amplified
For 40 years, the personal computer has been the most important tool in human hands. Now AI Agents are real, and amplifying the PC Era as never before.
AI, Global Security News
Agent Computers: the PC era, amplified
For 40 years, the personal computer has been the most important tool in human hands. You sat down, opened your apps, and got to work. You wrote, built, designed, analyzed, edited, explored, and created. The machine worked for you. It was personal. It was powerful. It extended individual capabilities in a way nothing else had.…
AI, Global Security News
GitHub adds AI-powered bug detection to expand security coverage
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. […]
Global Security News, privacy
Firefox now has a free built-in VPN with 50GB monthly data limit
Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic. […]
Global Security News
Trivy Supply Chain Attack Targets CI/CD Secrets
A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.
Global Security News
Mark Zuckerberg Is Building an AI Agent to Help Him Be CEO
The Meta Platforms chief uses the tool to get information faster as the company seeks to embrace artificial intelligence in all it does.
AI, Global Security News
Crypto Scam “ShieldGuard” Dismantled After Malware Discovery
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
AI, Global Security News
Researchers Find Data Leak Risk in AWS Bedrock AI Code Interpreter
AWS Bedrock AI tool flaw allows data leaks via DNS queries in AgentCore Code Interpreter sandbox, exposing sensitive cloud data, researchers warn.
AI, Global Security News
Nvidia-Backed AI Startup to Spend Billions on Korea Data Center to Combat China
The Trump administration is using AI chips and models as a tool for diplomacy and boosting U.S. allies.
Global Security News
Betterleaks, a new open-source secrets scanner to replace Gitleaks
A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. […]
AI, Global Security News
What Are Your Bots Working On?
Plus, Microsoft’s new AI health tool and the billion-dollar startup founded by teenagers.
AI, Global Security News
Codoxo’s Deepfake Detection identifies AI-generated medical records for health plans
Codoxo has announced the launch of Deepfake Detection, an AI-driven fraud detection tool now being deployed by health plans across the U.S. The solution helps identify AI-generated or manipulated medical documentation and diagnostic images submitted in support of claims before payment is made. Healthcare fraud is already a multibillion-dollar problem, and generative AI is turning…
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
Fake OpenClaw npm Package Installs GhostClaw Malware
A malicious npm package is targeting developers by posing as a legitimate command-line tool while secretly deploying an infostealer and a remote access trojan (RAT). The package, @openclaw-ai/openclawai, masquerades as an OpenClaw Installer utility but instead initiates a multi-stage malware operation. Once executed, it attempts to steal credentials, cryptocurrency wallets, SSH keys, browser data, and…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management
Threat actors use custom AuraInspector to harvest data from Salesforce systems
Attackers are mass-scanning Salesforce Experience Cloud sites using a modified AuraInspector tool to exploit misconfigurations and access sensitive data. Salesforce CSOC warns that threat actors are mass-scanning publicly accessible Experience Cloud sites using a modified version of the AuraInspector tool. AuraInspector is an open‑source command‑line tool released by Google/Mandiant to audit Salesforce Aura and Experience…
AI, Global Security News
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new…
AI, Global Security News
New Claude tool uses AI agents to find bugs in pull requests
Anthropic’s Claude Code Review is a new tool, available as a research preview beta for Team and Enterprise plans, that sends a team of AI agents to examine every pull request. “We needed a reviewer we could trust on every PR. Code Review is the result: deep, multi-agent reviews that catch bugs human reviewers often…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management
Malicious Chrome Extension Targets imToken Wallet Users
A malicious Chrome extension disguised as a harmless color visualization tool is quietly redirecting users to phishing pages designed to steal cryptocurrency wallet credentials. Socket researchers warn that the extension impersonates the popular imToken wallet brand and tricks victims into entering their seed phrases or private keys. The “… extension automatically opens a threat actor-controlled…
AI, Global Security News, malware
Fake Claude Code install pages highlight rise of “InstallFix” attacks
Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting it on a lookalike domain, and paying Google to surface those fake pages on the top…
AI, Global Security News
AI oversight is creating mental fatigue at work
Workflows built around multiple AI agents and constant tool switching are adding cognitive strain across large enterprises. A recent Harvard Business Review analysis describes this pattern as “AI brain fry,” a form of mental fatigue tied to intensive use and oversight of AI systems. Employees increasingly manage clusters of agents that generate code, synthesize information,…
AI, Cybersecurity, Global Security News, Risk Management
HHS updates a free risk tool to help hospitals size up their cybersecurity exposure
The Department of Health and Human Services unveiled a tool Thursday to help health care facilities assess their cybersecurity risks, elevating the emphasis on those threats to the kind produced by weather conditions and other dangers. The assistance from HHS’s Administration for Strategic Preparedness and Response (ASPR) comes in the form of an update to…
AI, Cybersecurity, Global Security News
The Multichain Trader’s Missing Tool Is Here. Banana Gun Built It.
In the latest development, the multichain trader’s missing tool is here and Banana Gun built it. There is a specific frustration that every serious on-chain trader knows. The token launch is on Solana. Your snipe bot is configured for Ethereum. By the time you switch sessions, the entry is gone. Banana Gun’s unified Telegram bot…
Global Security News, Risk Management
Secure by Design: Building security in at the beginning
Secure by Design is not a single tool, product, or one‑time activity. It is a holistic approach that requires security to be deliberately embedded from the very beginning, at the point where systems, software, and services are conceived and designed. Rather than reacting to vulnerabilities after deployment, Secure by Design emphasizes anticipating risk early and…
Endpoint, Global Security News
New Defender deployment tool streamlines Windows device onboarding with single executable
Microsoft’s Defender deployment tool for Windows helps administrators manage device onboarding at scale with updated progress visibility and additional controls. Simplified deployment with added administrative controls The tool adapts to the operating system and supports endpoint security across a broad range of Windows devices. It eliminates the need for separate onboarding files for modern and…
AI, Compliance, Cybersecurity, Endpoint, Global Security News, Risk Management
Beachhead Solutions Unveils ComplianceEZ 2.0 for MSPs
Beachhead Solutions has launched ComplianceEZ 2.0, a major update to its compliance management tool built into the BeachheadSecure for MSPs platform. The company says the new version moves beyond simple documentation and delivers full lifecycle management of cybersecurity compliance, with AI-driven guidance included at no extra cost. Beachhead positions ComplianceEZ 2.0 as MSP-focused GRC alternative…
AI, Compliance, Global Security News
AI agent platforms could push down SaaS license costs, report argues
A suggestion by Anthropic that its Claude Code tool could be used to automate the modernization of an antediluvian programming language, COBOL, still an important sideline for IBM six decades after it was first deployed, sent IBM stock tumbling on Monday. The company suffered a 13.2% drop in its stock price, its biggest fall since…
Apps, Global Security News
Coroot: Open-source observability and APM tool
Coroot is an open-source observability and application performance monitoring tool. The core software, published in Go and accompanied by companion repositories such as coroot-node-agent, focuses on collecting telemetry data across systems. It uses extended Berkeley Packet Filter (eBPF) technology to gather metrics and trace inter-service communications without manual instrumentation of application code. Coroot collects standard…
AI, Cybersecurity, Exploits, Global Security News, Risk Management
Anthropic unveils Claude Code Security to detect and fix code bugs
Anthropic launches Claude Code Security, an AI tool that scans code for vulnerabilities and suggests how to address them. Anthropic has introduced Claude Code Security, a new AI-powered service designed to scan software codebases for vulnerabilities and recommend fixes. Built into Claude Code, the tool aims to help teams detect and remediate security flaws faster.…
AI, Global Security News
Using Jet Engines to Power Data Centers
Plus, tips on how to vibe code and why TikTok’s new AI video tool has spooked Hollywood.
Global Security News
Best-in-Class ‘Starkiller’ Phishing Kit Bypasses MFA
A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites.
AI, Compliance, Data Breaches, Europe, Global Security News, privacy
Irish regulator probes X after Grok allegedly generated sexual images of children
Ireland’s Data Protection Commission opened a probe into X over Grok AI tool allegedly generating sexual images, including of children. Ireland’s Data Protection Commission has launched another investigation into X over Grok’s AI image generator. The probe focuses on reports that the tool created large volumes of non-consensual and sexualized images, including content involving children,…
AI, Global Security News, malware
Malwarebytes brings Scam Guard to desktop with real-time scam protection
Malwarebytes has expanded the availability of its scam detection tool Scam Guard to desktop for both Windows and Mac. The free scam protection tool provides real-time feedback on scams, threats and malware alongside digital safety recommendations. Scams have become a global crisis, draining $442 billion from consumers over the past year, according to GASA’s Global…
AI, Apps, Data Breaches, Global Security News, Network Security, privacy, Risk Management
Meta Business Admins Exposed by 2FA-Harvesting Chrome Extension
A malicious Google Chrome extension masquerading as a productivity tool for Meta Business users has been found stealing two-factor authentication secrets and sensitive business data, enabling silent takeover of Facebook and Instagram assets. The extension, CL Suite by @CLMasters, advertises itself as a way to streamline Meta Business workflows, but Socket researchers say it quietly…
AI, Global Security News
Brutus: Open-source credential testing tool for offensive security
Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and native support for the JSON-based reconnaissance pipelines that define offensive security. Solving a real workflow…
AI, Apps, china, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
What CISOs need to know about the OpenClaw security nightmare
The new personal AI agent orchestration tool known as OpenClaw — formerly Clawdbot, then Moltbot — is a personal assistant that can do tasks for you without your personal supervision. It can operate across devices, interact with online services, trigger workflows — no wonder the Github repo has seen millions of visits and over 160,000…
agentic ai, AI, Cybersecurity, Don't miss, Global Security News, News
OpenClaw Scanner: Open-source tool detects autonomous AI agents
A new free, open source tool is available to help organizations detect where autonomous AI agents are operating across corporate environments. The OpenClaw Scanner identifies instances of OpenClaw, an autonomous AI assistant also known as MoltBot, that can execute tasks, access local files, and authenticate to internal systems without centralized oversight. OpenClaw gained usage in…
AI, Cybersecurity, data protection, Global Security News, Google, News, privacy
Google Search introduces new ways to remove sensitive personal information and explicit images
Google expanded its “Results about you” tool to give users more control over sensitive personal information and added a way to request removal of non-consensual explicit images from Search. Manage and limit sensitive personal information in Search Users can request the removal of Search results that contain sensitive personal information, such as driver’s license numbers,…
Global Security News, Security
Malicious 7-Zip site distributes installer laced with proxy tool
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user’s computer into a residential proxy node. […]
Global Security News, Security
New tool blocks imposter attacks disguised as safe commands
A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution. […]