What Mozilla learned running an AI security bug hunting pipeline on Firefox
Over the past several months, Mozilla ran an agentic harness powered by Claude Mythos Preview across Firefox’s source code, identifying 271 security bugs tha...
Energy
11 articles
Nutanix and Palo Alto Networks Integrate for Robust Model Trust
Secure your AI models. The Nutanix and Palo Alto Networks Prisma AIRS integration provides advanced AI Model Security and AI Red Teaming for a secure-by-desi...
Die besten DAST- & SAST-Tools
Tools für Dynamic und Static Application Security Testing helfen Entwicklern, ihren Quellcode zu härten. Wir zeigen Ihnen die besten Tools zu diesem Zweck.
Hitachi Energy PCM600
View CSAF Summary Hitachi Energy is aware of a vulnerability that affects the Hitachi Energy PCM600 product versions listed in this document. An attacker suc...
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels i...
CI/CD pipeline abuse: the problem no one is watching
How we built an open-source, drop-in CI template that uses signal extraction and LLM reasoning to catch CI/CD abuse in GitHub Actions, GitLab CI, and Azure D...
Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet
The “fast16” malware may have been used to target Iran’s nuclear program prior to Stuxnet
Monitoring Claude Code/Cowork at scale with OTel in Elastic
How Elastic's InfoSec team built a monitoring pipeline for Claude Code and Claude Cowork using their native OTel export capabilities and Elastic's OTel inges...
Smashing Security podcast #460: Never knock on the door of a nuclear submarine base and ask for a selfie
A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in B...
DynoWiper update: Technical analysis and attribution
ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper