New Agent Integrity Framework defines the category for governing autonomous AI in the enterprise and enforcing agent behavior at scale Building on Proofpoint’s acquisition of Acuvity,
AI helped send weekly threat signal count from 80 million to 400 billion, then helped response time shrink from two days to 30 minutes Australia’s Commonwealth Bank built its own agentic AI threat...
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python...
An Iranian group that has previously focused on operational technology targets also made a chilling yet unverified claim of responsibility for a deadly explosion at a Nebraska biofuels plant.
When I started working in mobile application security in 2018, most testing was still largely manual. Since then, the ecosystem has exploded with scanners, frameworks, and automation platforms....
Iranian threat group Boggy Serpens' cyberespionage evolves with AI-enhanced malware and refined social engineering. Unit 42 details their persistent targeting. The post Boggy Serpens Threat...
Kwamaine Jerell Ford allegedly impersonated an adult film star and tricked his high-profile victims into sharing their iCloud credentials and MFA codes under false pretenses. The post Zero lessons...
Operations and hospital networks not affected, we're told Robotics-assisted surgical tech firm Intuitive said that unauthorized intruders gained access to some of its internal IT business...
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling. This week has that energy. Fresh messes, old problems getting...
HPE security advisory (AV26-244)
The evolution of Iranian cyber operations in broad context: from custom wiper malware to misuse of legitimate admin tools and more. The post Iranian Cyber Threat Evolution: From MBR Wipers to...
Hacktivists use proxy services from Russia, China for 'billions of designed-for-abuse connection attempts' Cybercrime has skyrocketed since the start of the Iran war, according to Akamai, which...
Wing FTP security advisory (AV25-391) - Update 2
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated...
Microsoft Edge security advisory (AV26-243)
Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. "Unlike traditional exploit-based attacks, this...
Interpol says fraud schemes using the tech are 4.5x more profitable AI is apparently good for the bottom line if your business is crime. Financial fraud schemes carried out with the help of...
Red Hat security advisory (AV26-242)
[Control systems] CISA ICS security advisories (AV26–241)
Understand how an AI agent hacked McKinsey’s internal AI platform ‘Lilli’, and the lessons organizations should take from this exercise. The post How an AI Agent Hacked McKinsey’s AI Platform...
Global identity security technology vendor ARCON and DNV Cyber formed a new partnership that will strengthen ARCON’s presence... The post ARCON teams with DNV Cyber to strengthen privileged access...
New cybersecurity regulations for drinking water and wastewater systems have been announced in New York, alongside a US$2.5... The post New York introduces cybersecurity rules, $2.5 million grant...
Google Chrome security advisory (AV26-240)
Last week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. [...]
Ubuntu security advisory (AV26-239)
For the latest discoveries in cyber research for the week of 16th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES United States-based medical technology company...
We have identified new tactics, techniques, and procedures (TTPs) used by the Warlock ransomware group (tracked by TrendAI™ as Water Manaul). In our previous article, we detailed how Warlock...
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The...
A bipartisan bill introduced to Congress last week would help small and rural water utilities adopt modern cybersecurity protections and digital monitoring tools. The Futureproofing Local...
For more than two decades, successive U.S. administrations treated the UN as a necessary—if imperfect—venue for shaping global expectations of state behavior in cyberspace. The United States was a...