Analysis reveals concerning features in official White House app
A security researcher known as Thereallo has found that the app can inject code into third-party websites, effectively hiding cookie consent banners, GDPR no...
General
20 articles
Tanium and ServiceNow partner for autonomous IT operations
The collaboration merges Tanium's real-time endpoint intelligence with ServiceNow's workflow orchestration to address the gap between IT visibility and action.
Herd Security raises $3 million for AI-powered security training
Founded in 2025, Herd Security provides an agentic AI platform designed for continuous security awareness training.
Boost Security acquires 2 startups, raises $4 million for AI defense platform
Boost Security has acquired SecureIQx, an MIT-founded startup specializing in software composition analysis reachability, and Korbit Technologies, an AI-driv...
CISA urges critical infrastructure to plan for prolonged service delivery during emergencies
CISA is warning that state-sponsored hackers, specifically Chinese groups known as Salt Typhoon and Volt Typhoon, pose a continuous threat to vital sectors s...
Multiple universities forced to reschedule final exams after Canvas cyber incident
On Thursday, dozens of students took to social media to say they saw a message from a cybercriminal group as they navigated through Canvas, an educational pl...
The human factor: Why AI-powered SOCs still need people in charge
AI agents shouldn't replace human security analysts but instead augment them.
One in eight UK workers has sold their company passwords, and bosses think it’s fine
One in eight UK workers admits to selling their company login credentials - or knowing someone who has - in the past 12 months. The really alarming bit?
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call historie...
Inside Department 4: Russia’s secret school for hackers
Most universities have a careers fair. At Bauman Moscow State Technical University, however, an elite group of students appear to have something rather more ...
Why More Analysts Won’t Solve Your SOC’s Alert Problem
Attackers move faster than overwhelmed SOC teams can realistically investigate alerts. Prophet Security breaks down how AI can help analysts investigate aler...
Pro-Ukraine BO Team and Head Mare hackers appear to team up in attacks against Russia
Researchers at Moscow-based cybersecurity firm Kaspersky said they identified overlapping infrastructure and tools used by both groups — including command-an...
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes. The post Flaw in Claude’s Chrome exten...
Zero Chaos: Scaling Detection Engineering at the Speed of Software, with Detection As Code
Every engineering team in your organization ships code through a pipeline. They branch, test, review, and deploy.
Claude in Chrome is taking orders from the wrong extensions
Anthropic Claude’s Chrome browser extension, known as Claude in Chrome, has a bug that can allow other malicious extensions to hijack it, compromising truste...
Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom
A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals. The post Cyb...
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, b...
Google is turning Android Studio into a policy watchdog
Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such a...
Your CTEM program is probably ignoring MCP. Here’s how to fix it
Model Context Protocol (MCP) is the connective tissue of modern AI tooling and has quietly become one of the most significant blind spots in modern security ...
Helping North Korean IT remote workers is becoming a fast track to prison
Two U.S.