When “Hi, This Is IT” Comes Through Microsoft Teams
Attackers are increasingly targeting collaboration platforms like Microsoft Teams. Learn the risks and key steps to strengthen your organization's security.
General
20 articles
Massachusetts lawmakers pass consumer data privacy bill
The Massachusetts House unanimously passed the Consumer Data Privacy Act, a bill that will give residents rights to access and delete their data held by larg...
Silverfort integrates identity controls with Microsoft Copilot Studio agents
The new integration evaluates every access request made by a Copilot agent in real time, providing a decision before the action is executed.
New Apple feature automatically changes your compromised passwords
At WWDC 26, Apple announced an Apple Intelligence-powered feature that can automatically fix weak and compromised passwords. This works in Safari, and it's r...
UK gives big tech 3 months to create device controls to block nude images of kids
The companies “must activate built-in features or implement technical solutions on smartphones and tablets to detect and block nude images for children,” acc...
Silent Ransom Group moves to in-person method if vishing attempt fails
Mandiant warns Silent Ransom Group uses vishing and even in-person visits to steal data.
A Security Raises $37 Million for Autonomous Offensive Security Platform
The company founded by Yossi Torati, Omer Gull, and Yuval Itzchakov has emerged from stealth mode. The post A Security Raises $37 Million for Autonomous Offe...
Armenia’s pro-Europe party wins election despite Russia-linked disinformation
Pashinyan's Civil Contract party won nearly 50% of Sunday's vote, defeating the pro-Russian Strong Armenia party led by Russian-Armenian billionaire Samvel K...
WhatsApp says NSO targeted users with spearfishing attacks in violation of court order
WhatsApp said it is filing a federal court contempt order against NSO for violating a permanent injunction that bars it from mounting attacks against its users.
Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows
Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of mont...
Operationalizing AWS security: A maturity roadmap
Enabling security tooling is the starting point. Making it operational—where findings drive decisions, response times are measurable, and your security postu...
Critical Infrastructure: The Risk Hiding in Plain Sight - Jason Manar - CSP #225
AI brands as bait: How threat actors are using the AI hype in social engineering
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. T...
Critical UniFi OS bug lets hackers gain root without authentication
Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authenticatio...
How managing digital identities has become critical to agentic AI projects
Teams need identity systems that have access control, the ability to limit and revoke privileges, and auditability.
Everybody Is Vibe Coding But Nobody Told the Security Team
AI-driven development is not something organizations can or should block. But it must be governed.
Researcher finds Bright Data iOS SDK turns smart TVs into web-scraping nodes
Bright Data, formerly Luminati, operates a large residential proxy network, with a portion sourced from an SDK embedded in free applications.
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto
AI agents discover numerous vulnerabilities in FFmpeg and Chrome
The security startup depthfirst utilized an autonomous AI agent to scan FFmpeg's extensive codebase, uncovering 21 previously unknown vulnerabilities, some o...
Guardrails for agents: How to secure AI at runtime
Here's how identity security is becoming the enforcement layer for agentic AI.