MITRE ATT&CK Mapping

Microsoft Security Blog Vulnerability Disclosure Microsoft May 7

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these vulnerabilities work, what’s impacted, an...

T1190 T1598

Microsoft Security Blog →

Cloudflare Blog General Cloudflare May 7

Building for the future

This afternoon, we sent the following email to our global team. One of our core values at Cloudflare is transparency, and we believe it's important that you ...

T1598

Cloudflare Blog →

The Record General May 7

North Carolina man pleads guilty to doxxing Supreme Court justices

The incident underscores the dangers public officials face from doxxing, as well as how easy it has become to find sensitive information online.

T1598

The Record →

Rapid7 Blog Data Breach Rapid7 May 7

Why Security in 2026 Requires Continuous Threat and Exposure Management (CTEM) at Scale

Let's be honest, the patching window just shrank to something no practitioner or organization can keep up with. Organizations now need to operate in an envir...

T1598

Rapid7 Blog →

GBHackers CVE Palo Alto Networks May 7

CISA Issues Warning Over Palo Alto PAN-OS Flaw Enabling Root-Level Access

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a newly identified, severe vulnerability within Palo Alto ...

T1598 1 IOC

GBHackers →

CSO Online General Microsoft Google Splunk IBM May 7

Bots in translation: Can AI really fix SIEM rule sprawl across vendors?

Enterprises migrating between SIEM platforms often have to manually rewrite detection rules because vendors such as Splunk, Microsoft Sentinel, IBM QRadar, a...

T1598

CSO Online →

Cyberscoop Malware May 7

One House Democrat is pressing Commerce on the government’s spyware use

Rep. Summer Lee’s letter, first reported by CyberScoop, follows ICE confirmation of using spyware and news of a Trump ally becoming NSO Group’s executive cha...

T1598

Cyberscoop →

CSO Online General May 7

Ten years later, has the GDPR fulfilled its purpose?

This year marks the 10th anniversary of the EU’s adoption of the General Data Protection Regulation, which became mandatory for all companies beginning on Ma...

T1598

CSO Online →

AWS Security Blog General Amazon Intel May 6

New compliance guide available: ISO/IEC 42001:2023 on AWS

We have released our latest compliance guide, ISO/IEC 42001:2023 on AWS, which provides practical guidance for organizations designing and operating an Artif...

T1598

AWS Security Blog →

SC Media General May 6

Most security pros say managing identity has become a major challenge

Nearly 9 in 10 security leaders struggle with identity sprawl as AI and NHIs expose governance gaps.

T1598

SC Media →

Qualys Blog Data Breach May 6

Before the Breach, There Was a Test Environment

Key Takeaways The Problem with Calling QA “Non-Production” Most security conversations begin at the wrong end of the problem. We start with the breach, the a...

T1598

Qualys Blog →

Cisco Advisories Vulnerability Disclosure Cisco May 6

Cisco Slido Insecure Direct Object Reference Vulnerability

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affec...

T1598

Cisco Advisories →

BleepingComputer Ransomware May 6

Why ransomware attacks succeed even when backups exist

Backups don't fail because they're missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before enc...

T1598

BleepingComputer →

Help Net Security General May 6

Proton Mail brings quantum-safe email encryption to all accounts

Post-quantum protection is now available as an optional feature in Proton Mail across all plans, including the free tier. How post-quantum protection works O...

T1598

Help Net Security →

CSO Online General May 6

Poisoned truth: The quiet security threat inside enterprise AI

As enterprises rush to deploy internal LLMs, AI copilots, and autonomous agents, most security conversations focus on familiar threats: prompt injection, jai...

T1041 T1598

CSO Online →

AWS Security Blog General Amazon May 5

Introducing AI traffic analysis dashboards for AWS WAF

As AI agents, bots, and programmatic access become an increasingly significant portion of web traffic, organizations need better tools to understand, analyze...

T1598

AWS Security Blog →

Qualys Blog General Qualys May 5

Converge Connect: Unlock Lower Premiums with Proven Qualys Security

Key Takeaways The Mythos moment is forcing cyber insurers to confront a question they have been deferring: what does it mean to underwrite cyber risk in real...

T1598

Qualys Blog →

CISA Advisories CVE May 5

ABB B&R Automation Runtime

View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulner...

T1598 1 IOC

CISA Advisories →

CISA Advisories CVE May 5

ABB B&R Automation Studio

View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulner...

T1598 1 IOC

CISA Advisories →

Infosecurity Magazine General May 5

AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk

ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use

T1598

Infosecurity Magazine →