OpenAI Daybreak joins growing movement of AI-driven vulnerability discovery
The program aims to leverage GPT models and Codex Security to improve software resilience.
SC Media
20 articles
Axios breach shows why software supply chains need zero trust
The axios breach shows trusted identities, not code flaws, now drive supply chain attacks.
The CISO shortage: Finding leadership without a leader
Thanks to AI, full-time CISO services may become available to firms that can't afford a full-time CISO.
House committee chair calls on Instructure to testify in Canvas hack
ShinyHunters hit Canvas twice, exposing student data via XSS and identity compromise.
ShinyHunters claims domain suspension after Canvas LMS attacks
The group's domain, shinyhunte.rs, went offline on Monday, May 11, 2026, leading to rumors of law enforcement seizure, potentially involving the FBI.
Veeam enhances data protection with new AI-powered features
Veeam Data Platform v13.1 introduces over 70 enhancements, including post-quantum cryptography to safeguard backups against future quantum computing threats.
Palo Alto Networks launches Idira identity security platform for AI era
Idira integrates technology from CyberArk, acquired by Palo Alto Networks for $25 billion, extending privileged access management controls to machine and AI ...
South Staffordshire Water fined nearly $1.3 million over data breach
The cyberattack on South Staffordshire Water Plc was initiated through a phishing attempt that allowed attackers to install undetected malware for nearly two...
Trusted by default: The npm attack pattern security teams miss
Developers are now the prime target in evolving npm supply chain attacks.
BWH Hotels confirms cyberattack impacting customer data
The cyberattack on BWH Hotels, which operates under brands like Best Western, WorldHotels, and SureStay Hotels, compromised customer names, email addresses, ...
Anthropic's AI finds one low-severity vulnerability in heavily audited curl codebase
Daniel Stenberg, the creator of curl, reviewed a Mythos analysis of 176,000 lines of C code, which claimed to have found five "confirmed" vulnerabilities.
Windows 10 KB5087544 update fixes Remote Desktop warnings and Secure Boot reporting
The KB5087544 update for Windows 10, available for Enterprise LTSC and ESU program participants, primarily delivers security fixes and bug resolutions, addre...
New CRPx0 malware campaign uses OnlyFans lure for crypto theft and ransomware
Operation SilentCanvas: Attackers use .jpeg files to deliver malware
Attackers are weaponizing .jpeg files to deliver PowerShell payloads, trojanize ScreenConnect, and establish persistence on target systems.
Grego AI launches with AI-powered vulnerability detection
The company's method, called Deep Invariant Analysis, scans entire codebases to map module and dependency connections.
RubyGems pauses new account sign-ups amid major malicious attack
The attack has led to the involvement of hundreds of packages, with many directly targeted and some containing exploits.
What zero-trust looks like for AI agents
Here’s four steps teams can take to secure newly-emerging agentic AI environments.
Signal enhances security with new features to combat phishing attacks
The messaging app is implementing several new features to protect users from scams, particularly those impersonating Signal Support.
Manifold Security expands supply chain intelligence to cover AI agent servers
The expansion adds scored entries for over 7,700 MCP servers to Manifold's existing index of agent skills and plugins.
AI cybersecurity startup Exaforce raises $125 million
Exaforce utilizes AI agents, dubbed "Exabots," to analyze data and automate security operations, aiming to reduce the burden on human analysts.