Chinese hackers use new Atlas RAT malware in European cyberattacks

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. [...]

The U.S. sanctions Nobitex crypto exchange used by ransomware

The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating payments related to terrorist activities. [...]

CISA warns of cyberattacks targeting fuel tank monitoring systems

CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure…

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom…

xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity

Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or drop the lawsuit.

Cyber espionage campaign targeted stock exchange executive’s Outlook account

Attackers spent five months silently stealing emails from a stock exchange executive’s Outlook account in a suspected espionage operation. A threat actor quietly sat inside a senior executive’s Outlook account at a major global stock exchange for roughly 150…

Coralogix Raises $200M at $1.6B Valuation to Scale AI Observability Platform

Coralogix offers a full-stack observability platform that unifies logs, metrics, traces, security, and AI observability. The post Coralogix Raises $200M at $1.6B Valuation to Scale AI Observability Platform appeared first on SecurityWeek .

Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT. "Before the victim ever reaches attacker-controlled…

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on winning that race. You don't control which bug lands. You control what it can…

Microsoft responds to security challenges facing code, AI agents, and models

Microsoft has introduced a series of security tools and capabilities focused on AI-driven vulnerability discovery, AI agents, and AI models. The updates include a multi-agent vulnerability discovery system, new controls for managing and securing AI agents,…

Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware

Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it…

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases. Tracked as…

Infosecurity Europe: Vulnerability Management Innovator Konvu Wins Cyber Startup Award

Inaugural Infosecurity Europe Cyber Startup Award Winner Impresses Panel with Ability Help Prioritize Vulnerabilities in AI era

Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs

Threat actors are exploiting vulnerable Kirki and Burst Statistics deployments to elevate privileges and take over websites. The post Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs appeared first on SecurityWeek .

Security of 100 AI Agents Tested and Ranked – What You Need to Know

The AI Risk Quadrant evaluates AI agents based on three factors: how vulnerable they are to compromise, the potential impact of a breach, and the strength of their security defenses. The post Security of 100 AI Agents Tested and Ranked – What You Need to Know…

Simplify security management with CIS SecureSuite Platform

New operating systems prioritize usability, a reality which threat actors use to exploit security gaps. Every misconfiguration creates an opportunity for compromise, and lean teams struggle in their security management efforts to harden hundreds or thousands…

Autonomous AI-driven worm can reason its way through corporate networks

Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters, reasons…

Malware campaign targeting Minecraft users infects over 116,000 systems

A Malware-as-a-Service (MaaS) operation named WeedHack is targeting Minecraft users and allows threat actors to gain remote access to victims’ screens, webcams, and files through a web-based dashboard, McAfee researchers found. Minecraft, developed by Mojang…

IMA Diligence Services Data Breach Impacts 525,000 People

The affected individuals’ personal information was stolen from a legacy server managed by a third party. The post IMA Diligence Services Data Breach Impacts 525,000 People appeared first on SecurityWeek .

Organizations Warned of Exploited Linux Kernel Vulnerability

An improper authentication bug allows attackers to escalate their privileges and escape containers. The post Organizations Warned of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek .

Only 11% of production agents pass the AI agent security bar

Enterprise teams are running AI agents that write code, drive browsers, answer customer calls, manage cloud infrastructure, and query data warehouses with standing credentials. A new independent assessment of 100 production agents finds that nearly all of…

Trump Signs Order Inviting Voluntary Review of Frontier AI Models

Trump's executive order invites voluntary pre-release review of frontier AI models

U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect…

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker. Like in the case of CVE-2026-33829, which impacted the Windows Snipping Tool's ms-screensketch: URI handler, the…

New cyber force would cost up to $11 billion to start, commission says

The military branch would take 12 to 18 months to get up and running and also include roughly 5,000 members of the National Guard and up to 6,000 civilians, according to the commission.

Anthropic Expands Mythos Access to 150 More Organizations

Anthropic widens Project Glasswing access to 150 more firms as patching becomes the bottleneck

Google adds Android protection against AI deepfake scam calls

Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts. [...]

Infosecurity Europe: Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patching management, experts say

New Android feature promises to spot deepfake scam calls

Android is introducing fake call detection to help protect users from impersonation scams. The feature can detect and flag suspected spoofed calls when both parties use Phone by Google on Android 12 or later. It will roll out globally this month, starting…

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. "The…

Microsoft Scout agent opens a new category of always-on Autopilots

Workplace AI assistants have mostly waited for a prompt before doing anything. A user asks, the tool answers, and the exchange ends there. Microsoft is putting a different kind of agent inside its Office applications, one designed to keep operating in the…

Anthropic expands Project Glasswing to 150 organizations in more than 15 countries

Anthropic is expanding Project Glasswing, its cybersecurity initiative built around the Claude Mythos Preview model, by adding about 150 organizations following several weeks of work with its initial group of partners, security firms, open-source maintainers,…

Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Say

Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar

Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web

Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools

Critical Start expands MDR capabilities with multi-agent AI system

Critical Start has released SOC AI, a production-proven multi-agent framework powering its AI-led Managed Detection and Response (MDR). SOC AI coordinates ten specialized agents across the full alert investigation and response lifecycle, covering detection,…

MazeBolt brings AI-generated attack simulation to DDoS security testing

MazeBolt has announced the launch of RADAR VectorAI, a new MazeBolt module that creates AI-generated DDoS attacks. As AI outpaces human response, enterprises need to have access to validated DDoS vulnerability data about both known and AI-generated attack…

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee…

OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models

OpenAI says it's rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. [...]

Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks

The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release. The post Trump Signs Executive Order That Invites Vetting of Top AI Models for…

White House unveils pared-back AI executive order

The order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements.”

Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis

As AI shortens the path from vulnerability disclosure to exploitation, researchers disagree on whether the problem is inadequate security tools or inadequate operational control. The post Two New Reports Offer Competing Explanations for Cybersecurity’s…

Instagram Account Hijacks Expose the Security Risks of AI-Powered Support

Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing…

Infosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are "Doomed to Fail"

Humans still need to be part of cyber defense, but refusing to deploy AI is no longer optional against AI-enhanced cyber threats, warns Dataminr’s Joe Slowik

Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats

Bayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineering

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a…

Threat Actor Uses AI to Build EDR Evasion Tools

A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds

Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets

Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets

New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)

For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just “an image”,…

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI…

Critical Flowise Flaw Gives Attackers Full Server Control

Obsidian publishes PoC for a 1-click Flowise RCE that can fully compromise self-hosted servers

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits…

Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say

Top cybersecurity vendors said AI won't replace entry-level – only routine ticket-taking and triage

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote…

Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain

Infosecurity Europe: OWASP Forms New Agentic Research Council

OWASP’s new Agentic Research Council will aim to connect academic work to operational realities on agentic AI security

Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more.

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks.…

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability.…

New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group…

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in…

AI-Generated npm Malware Leaks Its Own GitHub Token

Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed infrastructure to make you wonder if prod…

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"

State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI…

Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks

Customer data from more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.

GCHQ Chief Urges Action as AI Reshapes Cyber Threats

GCHQ director urges urgent business cyber action as AI and quantum reshape the threat

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from…

5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work. Across most…

All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers

68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise

UK firms plan higher cyber spending as AI adoption raises security concerns

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging delivery technique extends social engineering beyond…

[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back

Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger,…

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws

CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines

US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows

As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential…

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two…

The AI Era Is Creating a Bug-Hunting Arms Race

As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly.

The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers

Plus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more.

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other…

Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning

The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service…

Three-Quarters of Firms Knowingly Ship Vulnerable Code

AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds

A new study finds AI companies, defense firms, and dating apps are among 38 data collectors allegedly using manipulative design to confuse users while collecting their data.

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software

Agentic AI Accelerates Software Builds and Mobile App Attacks

Digital.ai data reveals 87% of apps were attacked over the past year

NCSC Publishes Guidance on Securing Agentic AI Use

The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks

Bank of England, FCA and Treasury Raise Alarm Over Frontier AI

The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience

Most Organizations Now Use AI Agents for Sensitive Security Tasks

Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure

ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks

The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks

Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks

The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains

UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms

UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of…

OpenAI Launches 'Daybreak' to Help Build Secure By Design Software

With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up

Malicious Hugging Face Repository Typosquats OpenAI

HiddenLayer reveals infostealer malware in a Hugging Face repository

Fake Claude Code Page Pushes PowerShell Stealer at Devs

Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2

Hackers Observed Using AI to Develop Zero-Day for the First Time

Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software

Legacy Security Tools Failing Data Protection, Capital One Software Report Finds

Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack

OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers

Fake Claude AI Site Drops Beagle Backdoor on Windows Users

Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading

AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk

ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use

OpenAI To Extend Cyber Program to Government Agencies

OpenAI announced its intention to expand the Trusted Access for Cyber program for cyber defenders at the federal, state and local government levels

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required

Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher

A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI

Cyber is the Number One Global “People Risk,” Says Marsh

Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets

AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns

AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting

Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI

Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents

Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform

Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents

Defending Against China-Nexus Covert Networks of Compromised Devices

<div class="SCXW131754345 BCX8"> <div class="OutlineElement Ltr SCXW131754345 BCX8"> <h2><a class="c-button c-button--on-dark"…

Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms

Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI agents, warns Cloud Security Alliance report

Commercial AI Models Show Rapid Gains in Vulnerability Research

AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds

OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI

OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing

AI Companies to Play Bigger Role in CVE Program, Says CISA

At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future

AI Security Institute Advocates Security Best Practices After Mythos Test

The AISI has issued its judgement on Anthropic’s Mythos Preview model

Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs

SANS Institute reveals that AI agents are behind a 76% surge in non-human identities

Google API Keys Quietly Gain Access to Gemini on Android Devices

Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks

Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities

Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software

Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years

Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic

GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration

GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data

Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI

Cryptocurrency scams alone cost victims over $7 billion, while AI-enabled fraud threats are on the rise, says FBI

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <th>Title</th> <td>Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure</td> </tr> <tr> <th>Original Publication</th> <td>April 7,…

ChatGPT Security Issue Enabled Data Theft via Single Prompt

OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole

DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns

PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients

OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns

OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group

Experts Sound Alarm Over “Prompt Poaching” Browser Extensions

Expel has warned of malicious Chrome extensions stealing users’ AI conversations

Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure

<h2><strong>Summary</strong></h2> <p><strong>Note:</strong> This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet <a…

CISA Shares Lessons Learned from an Incident Response Engagement

<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <td>Executive Summary</td> <td>CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity…

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

<h2><strong>Executive summary</strong></h2> <p>People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military…

Russian GRU Targeting Western Logistics Entities and Technology Companies

<h2><strong>Executive Summary</strong></h2> <p>This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination,…

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.