Major world economies spell out key elements of AI ‘ingredients list’
Experts on the topic say the G7 guidance is good, but could still use some improvements. The post Major world economies spell out key elements of AI ‘ingredi...
Cyberscoop
20 articles
Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical
The high volume of vulnerabilities reflects a growing trend researchers have been anticipating as artificial intelligence models are deployed to find previou...
Google and Amnesty International teamed up to make it harder for spyware vendors to hide
Intrusion Logging marks the first feature from a major device vendor to aid with forensic detection of sophisticated threats, Amnesty International said. The...
AI is separating the companies built to scale from the ones built to sell
Startups are scaling faster, attackers are getting smarter, and investors are getting more selective. The cybersecurity industry is in the middle of a reset.
Pressure mounts on Canvas as data leak extortion deadline looms
Attackers affiliated with The Com are threatening to leak data from more than 8,800 school systems if Instructure doesn’t pay a ransom. The post Pressure mou...
Google spotted an AI-developed zero-day before attackers could use it
Researchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financ...
The missing cybersecurity leader in small business
As AI and quantum threats target the backbone of the American economy, Washington must provide the guidance and incentives necessary for SMBs to access execu...
Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments
The Senate’s top Democrat is worried about smaller government entities being left behind as AI models advance hacking risks. The post Sen.
ShinyHunters claims nearly 9,000 schools affected by Canvas data breach
The group that stole data from Instructure users claims that it will release the data of students from nearly 9,000 education institutions around the country...
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes. The post Flaw in Claude’s Chrome exten...
Ivanti customers confront yet another actively exploited zero-day
Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security produ...
Trump officials are steering a cybersecurity scholarship program toward AI
The latest development has thrown scholars for a curveball, and has some worried about being “left out to dry” when it comes to job positions. The post Trump...
American duo sentenced for hosting laptop farms for North Korean IT workers
The men’s separate schemes impacted almost 70 U.S.
One House Democrat is pressing Commerce on the government’s spyware use
Rep. Summer Lee’s letter, first reported by CyberScoop, follows ICE confirmation of using spyware and news of a Trump ally becoming NSO Group’s executive cha...
A DOD contractor’s API flaw exposed military course data and service member records
Researchers say Schemata’s platform exposed names, emails, base assignments, and course materials before the company patched the issue and contacted governme...
A critical Palo Alto PAN-OS zero-day is being exploited in the wild
The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks. The post A critical Palo Alto PAN-OS zero...
CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict
The agency will begin targeted assessments meant to help critical infrastructure entities operate while disconnecting OT networks from IT and third-party ven...
CISA boasts AI automation improvements to threat analysis, mission support
Cybersecurity and Infrastructure Security Agency officials said it’s proven a boon in numerous areas, but there are some hurdles to adoption, still. The post...
Latvian national sentenced for ransomware attacks run by former Conti leaders
Deniss Zolotarjovs was mostly tasked with putting pressure on the Russia-based crew’s victims, in one case leaking hundreds of children’s health records. The...
‘Copy Fail’ is a real Linux security crisis wrapped in AI slop
The actively exploited defect could affect every mainstream Linux distribution built since 2017, but some researchers found Theori’s AI-generated disclosure ...