Active exploitation of max severity Flowise bug threatens broad compromise
More than 12,000 internet-exposed instances of open-source AI agent builder Flowise could be compromised by the ongoing exploitation of the maximum-severity ...
SC Media
20 articles
Immediate remediation of Fortinet FortiClient EMS bug ordered by CISA
BleepingComputer reports that the Cybersecurity and Infrastructure Security Agency has called on federal civilian executive agencies to remediate Fortinet Fo...
New CUPS vulnerabilities threaten RCE, network breaches
Attackers could combine a pair of newly discovered vulnerabilities in the Common Unix Printing System used by Linux and other Unix-like systems to facilitate...
AI agent compromise via illicit web content detailed
SecurityWeek reports that AI agents could be vulnerable to half a dozen attacks involving malicious web content that enables illicit command injection and un...
Novel ResokerRAT malware exploits Telegram API to target Windows systems
Windows systems are being subjected to intrusions involving the newly emergent ResokerRAT malware, which leverages Telegram Bot API to facilitate remote trac...
Malware distributed via ILSpy WordPress domain breach
Malicious actors have breached the official WordPress site for open-source decompiler ILSpy to compromise developers with malware as part of a new supply cha...
Malicious PyPI package enables Claude prompt, data compromise
Malicious PyPI package enables Claude prompt, data compromise GBHackers News reports that threat actors have been distributing the illicit PyPI package 'herm...
Cyber-enabled fraud, ransomware losses spike, FBI reports
Americans were noted by the FBI's Internet Crime Complaint Center to have reported significantly higher losses from increasingly prevalent cyber-enabled frau...
Palo Alto weaponizes Vertex AI agents as double agents
Palo Alto Networks researchers demonstrated how AI agents built on Google Cloud's Vertex AI platform could be compromised and turned into double agents, enab...
Cthullu, BlueHammer, NK, CUPs, Axios, Fortinet, Cognitive Surrender, Aaran Leyland - SWN #570
Niobium unveils encrypted cloud platform for private AI
Security Brief Australia reports that Niobium has launched The Fog, an encrypted cloud platform for private AI and data processing now available in private b...
Cloud security risks shift to control plane, experts warn
Ahead of World Cloud Security Day, executives from Adactin, ClickHouse, and Fastly highlighted emerging cloud security risks beyond traditional perimeter def...
ID Dataweb outlines the need for continuous identity threat detection
The industry needs tools that can verify users throughout the entire identity lifecycle without disrupting daily business processes.
Acquisition reform is materializing, but the harder test still lies ahead
The Pentagon is finally getting serious about procurement reform, but the proof will be in the pudding.
The Axios npm breach taught us the need for a personal zero-trust
Security pros need to develop a mental zero-trust that trusts nothing and tests everything.
Spyware maker avoids jail time in landmark case
Bryan Fleming, the first convicted spyware maker in over a decade, has been sentenced to time served and a $5,000 fine, avoiding jail time after pleading gui...
Businesses risk significant losses due to IT incidents, PagerDuty research reveals
Research from PagerDuty indicates that beyond lost revenue, businesses face substantial risks including reputational damage (cited by 53%), lost productivity...
Malicious email delivers advanced malware with privilege escalation and evasion tactics
The attack chain begins with a user receiving an email containing a URL that downloads an encoded .cmd file.
Windows zero-day vulnerability 'BlueHammer' exploit code released
The BlueHammer vulnerability is a local privilege escalation (LPE) flaw that combines a time-of-check to time-of-use (TOCTOU) vulnerability with path confusion.
Uffizi Galleries cyberattack: Data stolen, backups restore archive
Hackers targeted the Uffizi Galleries in February 2026, allegedly stealing the museum's entire photographic archive.