The Evil MSI Background is Back!, (Fri, Jun 5th)
A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1].
General
20 articles
Let’s Encrypt Introduces Merkle Tree Certificates for Post-Quantum Web Security
Let’s Encrypt has unveiled a new approach to securing the web against future quantum threats: Merkle Tree Certificates (MTCs), a post-quantum–ready certifica...
AgentGG: Open-source agentic SAST scanner
Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand...
AI agent governance gets harder when agents outnumber your people
In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments. He ope...
3 Principles to Safely Scale Agentic AI
Dashlane Reveals How Hackers Downloaded Encrypted Password Vaults
Dashlane has disclosed the findings of a recent security investigation, confirming that a limited number of users were impacted by a targeted brute-force att...
Most pros have seen AI hallucinations in IT operations
Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without wait...
ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)
Why Holistic Sourcing Wins: The Numbers Behind the Recorded Future Advantage
Future’s Intelligence Grap® uses holistic sourcing across 1M+ sources for complete threat intelligence and proactive defense.
The June 2026 AI Executive Order: What federal agencies need to know and how Tenable can help
On June 2, 2026, the White House signed an Executive Order directing federal agencies to harden their systems with AI-enabled cyber defenses and to stand up ...
Android Gemini prompt injection flaw patched by Google
SafeBreach researchers discovered that prompt injection attacks could be executed on Android phones if a user instructed Gemini to read their pending notific...
Apple removes Russia’s state-backed messaging app Max from its store
Russian authorities have promoted Max as a domestic alternative to foreign messaging platforms such as Telegram and WhatsApp.
Offroad launches with $7 million to use AI agents for identity security
Offroad addresses the growing complexity of identity security, which has surpassed manual review capabilities.
Fake document marketplace aiding migrant smuggling dismantled in Spain
The investigation, initiated by French authorities who identified the website, culminated in Spain with the arrest of a suspect in Alicante.
Amazon Cognito unlocks advanced capabilities with next-generation infrastructure
Amazon Cognito recently introduced high-throughput performance for demanding workloads, customer-managed keys for full control over data encryption at rest, ...
Brave Software releases Origin for a paid, bloat-free browsing experience
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monet...
From Operating Model to Product: How We Built the ROC for Detection-Speed Remediation
In the first article in this series, we made the case for a prevention-led operating model. This article is about what happened next: the decision to build s...
Security Researchers Are Threat Actors - PSW #929
Hill Dems hammer GOP for $250M CISA budget cut
A House Appropriations subcommittee is set to mark up fiscal 2027 DHS funding legislation Friday. The post Hill Dems hammer GOP for $250M CISA budget cut app...
Trump considers Palantir exec to lead CISA
Shyam Sankar, the chief technology officer at Palantir Technologies, has emerged as a lead contender for the long vacant Cybersecurity and Infrastructure Sec...