General
20 articles
Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure
Researchers exposed the Silent Ransom Group ‘s Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S.
Dark web Nemesis Market vendor gets 26 years for selling drugs
A California man was sentenced to more than 26 years in federal prison for trafficking fentanyl and methamphetamine through Nemesis Market, one of the world'...
Microsoft identifies seven new ways AI agents can be hacked
Microsoft has identified seven new failure modes in agentic AI systems, in addition to those it identified last year in its first Taxonomy of Failure Modes i...
Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5
If you've ever received an out-of-the-blue message via LinkedIn from a recruiter offering some well-paid consultancy work, intelligence agencies have a messa...
Building secure B2C applications with fine-grained access control using Amazon Cognito and Amazon Verified Permissions
Modern web applications require robust security controls to protect user data and application resources. Authentication and authorization are two fundamental...
Why AI Agents Need an Identity Model, Not Just an API Key
Securing CI/CD in an agentic world: Claude Code Github action case
Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific condi...
Why writing software has become dangerous today
There’s just more code than ever and developers can’t verify everything – we need to make all that code understandable.
Commvault offers recommendations for resilience in the age of frontier AI
Frontier AI models, while powerful for identifying vulnerabilities, also present new risks from bad actors, accelerating exploitation timelines to mere minutes.
Over 900 US gas station tank gauge systems exposed to attacks
Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure ...
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
When a researcher went public with Microsoft vulnerabilities, it laid bare a conflict that has never really been solved. The post Nightmare Eclipse incident ...
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The package bundles two draft laws — a Chips Act 2.0 and a Cloud and AI Development Act (CADA) — alongside an Open Source Strategy and a roadmap for digitali...
Your AI bill is out of control. Cloudflare can fix it now.
AI Gateway now features real-time spend limits to prevent runaway token bills across multiple AI providers. By integrating with Cloudflare Access, companies ...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Informatio...
Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing
The cybersecurity industry has spent much of the last two years debating how attackers might use AI. That debate matters, but it misses a larger point: defen...
Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer
An undeclared executable bundled with Hola Browser for Windows (version 1.251.
Trend Micro Deep Security Agent Flaw Allows Repeatable Security Bypass
Trend Micro’s Deep Security Agent for Linux contains a design flaw in its behavior-monitoring stack that allows a local, unprivileged attacker to repeatedly ...
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item.