CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. [...]

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. [...]

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According…

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI is a free, open-source command line tool that scans your projects in seconds and tells you exactly which included packages contain a vulnerability. The post OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds…

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack…

Over 900 US gas station tank gauge systems exposed to attacks

Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks. [...]

What 2026 DBIR Confirms: Attacks Are Living in the Browser

Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and modern attacks. [...]

EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers

The package bundles two draft laws — a Chips Act 2.0 and a Cloud and AI Development Act (CADA) — alongside an Open Source Strategy and a roadmap for digitalizing the energy system.

Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet

Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, tracked as CVE-2026-20245 (CVSS base score of 7.8), in Cisco…

In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA

Other noteworthy stories that might have slipped under the radar: Ultrahuman data leak, The Gentlemen ransomware analysis, Hola Browser bundles miner. The post In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA…

Attackers obtained encrypted password vaults from some Dashlane user accounts

Dashlane has disclosed new details about a brute-force attack that let a threat actor access some customer accounts and copy encrypted vaults. Dashlane said it found no evidence that the attackers compromised its internal systems. The company first…

Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook

Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI…

Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework

The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed

Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday

Experts commented on the EO’s voluntary nature, the balance between innovation and security, and potential implementation gaps. The post Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek .

PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network

Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 cloud servers across Amazon Web Services, Google Cloud, and…

Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era

Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)

A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To exploit this vulnerability, an attacker must have netadmin privileges on an affected system.…

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300…

AI is helping low-skill hackers pull off advanced cyberattacks

Anthropic has published an analysis of cyber-related misuse of its AI systems, examining 832 accounts that were banned for malicious cyber activity between March 2025 and March 2026. The company mapped the observed behavior to the MITRE ATT&CK framework,…

Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications

SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google’s defenses and control smart home devices. SafeBreach Labs researcher Or Yair spent months trying to break Google’s Gemini voice…

Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals

The company detected a network intrusion in March and an investigation showed that some files were stolen during the attack. The post Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals appeared first on SecurityWeek .

June 2026 Patch Tuesday forecast: Where are the CVEs?

My forecast from last month was only partly right. After the Anthropic Mythos announcements and the deluge of newly discovered vulnerabilities from vendors like Mozilla, Microsoft’s updates were standard fare, 65 CVEs reported in Windows 11 and 58 in Windows…

AgentGG: Open-source agentic SAST scanner

Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand. AgentGG approaches the same job with AI agents that read the code, follow imports, walk the call…

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026

The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 appeared first on SecurityWeek .

Thieves can pull off keyless car theft in under a minute and here’s how to stop them

A keyless car can be stolen in under a minute. Two people, a pair of cheap radio amplifiers, and a fob sitting on a hallway table inside the house. That is enough. No broken glass. No alarm. No sound. Most keyless cars remain vulnerable The vulnerability runs…

AI agent governance gets harder when agents outnumber your people

In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments. He opens with a real case: a reconciliation agent at a financial services firm had legitimate access to a…

Most pros have seen AI hallucinations in IT operations

Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to approve the step. The capability is spreading at the same time IT professionals are…

Trump considers Palantir exec to lead CISA

Shyam Sankar, the chief technology officer at Palantir Technologies, has emerged as a lead contender for the long vacant Cybersecurity and Infrastructure Security Agency (CISA) director role, according to the sources, who requested anonymity to discuss the…

Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’

The groups have previously claimed responsibility for cyberattacks targeting critical infrastructure and government institutions in Russia and Belarus.

U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Mirasvit Full Page Cache Warmer flaw,…

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same…

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic's Claude Mythos model was made available to a limited set of organizations as a…

Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk

As AI agents, machine identities, and third-party applications multiply across enterprises, Offroad is betting autonomous security agents can restore control over an increasingly unmanageable identity landscape. The post Offroad Emerges From Stealth With $7…

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come back worse. Cheap hackers get better…

Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns

Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools

Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark

A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation

Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services

Proton uses machine learning models to detect abuse of its services – especially email addresses used by cybercriminals

Infosecurity Europe: How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans

Cybersecurity and business leaders with experience of dealing with major incidents from within the NCSC and at JLR detail what you need to prioritize if your organization is hit by a cyber-attack

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom…

xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity

Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or drop the lawsuit.

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases. Tracked as…

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on winning that race. You don't control which bug lands. You control what it can…

Infosecurity Europe: Vulnerability Management Innovator Konvu Wins Cyber Startup Award

Inaugural Infosecurity Europe Cyber Startup Award Winner Impresses Panel with Ability Help Prioritize Vulnerabilities in AI era

Trump Signs Order Inviting Voluntary Review of Frontier AI Models

Trump's executive order invites voluntary pre-release review of frontier AI models

Anthropic Expands Mythos Access to 150 More Organizations

Anthropic widens Project Glasswing access to 150 more firms as patching becomes the bottleneck

Infosecurity Europe: Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patching management, experts say

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. "The…

Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Say

Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar

Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web

Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools

Infosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are "Doomed to Fail"

Humans still need to be part of cyber defense, but refusing to deploy AI is no longer optional against AI-enhanced cyber threats, warns Dataminr’s Joe Slowik

Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats

Bayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineering

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a…

Threat Actor Uses AI to Build EDR Evasion Tools

A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds

Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense

New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)

For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just “an image”,…

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI…

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits…

Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say

Top cybersecurity vendors said AI won't replace entry-level – only routine ticket-taking and triage

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote…

Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain

Infosecurity Europe: OWASP Forms New Agentic Research Council

OWASP’s new Agentic Research Council will aim to connect academic work to operational realities on agentic AI security

Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more.

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks.…

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability.…

New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group…

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in…

AI-Generated npm Malware Leaks Its Own GitHub Token

Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator

Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks

Customer data from more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.

GCHQ Chief Urges Action as AI Reshapes Cyber Threats

GCHQ director urges urgent business cyber action as AI and quantum reshape the threat

All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers

68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise

UK firms plan higher cyber spending as AI adoption raises security concerns

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws

CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines

US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows

As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two…

The AI Era Is Creating a Bug-Hunting Arms Race

As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly.

The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers

Plus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more.

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other…

Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning

The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service…

Three-Quarters of Firms Knowingly Ship Vulnerable Code

AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds

A new study finds AI companies, defense firms, and dating apps are among 38 data collectors allegedly using manipulative design to confuse users while collecting their data.

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software

Agentic AI Accelerates Software Builds and Mobile App Attacks

Digital.ai data reveals 87% of apps were attacked over the past year

NCSC Publishes Guidance on Securing Agentic AI Use

The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks

Bank of England, FCA and Treasury Raise Alarm Over Frontier AI

The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience

Most Organizations Now Use AI Agents for Sensitive Security Tasks

Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure

ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks

The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks

Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks

The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains

UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms

UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of…

OpenAI Launches 'Daybreak' to Help Build Secure By Design Software

With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up

Malicious Hugging Face Repository Typosquats OpenAI

HiddenLayer reveals infostealer malware in a Hugging Face repository

Fake Claude Code Page Pushes PowerShell Stealer at Devs

Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2

Hackers Observed Using AI to Develop Zero-Day for the First Time

Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software

Legacy Security Tools Failing Data Protection, Capital One Software Report Finds

Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack

OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers

Fake Claude AI Site Drops Beagle Backdoor on Windows Users

Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading

AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk

ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use

OpenAI To Extend Cyber Program to Government Agencies

OpenAI announced its intention to expand the Trusted Access for Cyber program for cyber defenders at the federal, state and local government levels

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required

Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher

A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI

Cyber is the Number One Global “People Risk,” Says Marsh

Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets

AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns

AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting

Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI

Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents

Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform

Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents

Defending Against China-Nexus Covert Networks of Compromised Devices

<div class="SCXW131754345 BCX8"> <div class="OutlineElement Ltr SCXW131754345 BCX8"> <h2><a class="c-button c-button--on-dark"…

Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms

Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI agents, warns Cloud Security Alliance report

Commercial AI Models Show Rapid Gains in Vulnerability Research

AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds

OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI

OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing

AI Companies to Play Bigger Role in CVE Program, Says CISA

At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future

AI Security Institute Advocates Security Best Practices After Mythos Test

The AISI has issued its judgement on Anthropic’s Mythos Preview model

Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs

SANS Institute reveals that AI agents are behind a 76% surge in non-human identities

Google API Keys Quietly Gain Access to Gemini on Android Devices

Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks

Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities

Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software

Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years

Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic

GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration

GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data

Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI

Cryptocurrency scams alone cost victims over $7 billion, while AI-enabled fraud threats are on the rise, says FBI

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <th>Title</th> <td>Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure</td> </tr> <tr> <th>Original Publication</th> <td>April 7,…

ChatGPT Security Issue Enabled Data Theft via Single Prompt

OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole

DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure

<h2><strong>Summary</strong></h2> <p><strong>Note:</strong> This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet <a…

CISA Shares Lessons Learned from an Incident Response Engagement

<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <td>Executive Summary</td> <td>CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity…

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

<h2><strong>Executive summary</strong></h2> <p>People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military…

Russian GRU Targeting Western Logistics Entities and Technology Companies

<h2><strong>Executive Summary</strong></h2> <p>This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination,…

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.