FBI Sounds Alarm Over Russian Intelligence Signal Phishing

The FBI claims Russian spies are targeting Signal backup keys

OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI

The company says Sol matches competing systems like Mythos Preview while using only a third of the output tokens. The post OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI appeared first on SecurityWeek .

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug…

DarkMoon: Open-source AI pentesting platform

Penetration testing has long run on expert time, with specialists spending days probing a network or web application by hand. Manual engagements stretch across weeks, expert consultants run into thousands of dollars a day, and results vary with the tester.…

Sycophantic chatbots and the harms that build over many chats

People use AI chatbots for company, advice, and emotional support, and these systems answer in ways meant to hold their attention. Researchers describe the resulting risks as affective safety, a class of harm that exists because humans are emotional beings…

Companies keep bolting AI onto their products, and the security bill is coming due

Companies keep bolting AI and LLM features onto their products, and the security results are starting to show a pattern. The vulnerabilities those features create get rated high risk far more often than anything else, and they get fixed slower than anything…

Most teams accept higher risk for faster AI database work

Database professionals are using AI for everyday work like writing queries, building schemas, and reviewing code, and a growing share rely on autonomous tools that act on the database itself. The use of AI in database management has almost tripled in a year,…

KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs

KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exposed up to 14.2 million email accounts across six Japanese…

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers…

Data breach exposes up to 14.2 million email logins at six ISPs

Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. [...]

Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploited

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Encrypted DNS still tells an eavesdropper where to look Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a…

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military…

New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages

FBI warns Russian spies now target Signal Backup Recovery Keys, enabling access to message history and long-term account takeover. The FBI and CISA updated their March 2026 warning about Russian intelligence phishing campaigns, and the new advisory adds a…

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. [...]

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards

OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful,…

Chinese Framework Powers 200,000 Scam Sites

Threat actors are selling investment scam templates created using the legitimate DCloud Uni-App toolkit. The post Chinese Framework Powers 200,000 Scam Sites appeared first on SecurityWeek .

FBI: Russian hackers now target Signal backup recovery keys

The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims' historical messages. [...]

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server that is being actively exploited. [...]

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys

The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can…

Cybersecurity firms targeted by fraudulent OpenAI organization invites

Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects. [...]

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact. The post Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories appeared first on SecurityWeek .

More Klue Breach Victims Identified as Hackers Get Hacked

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact. The post More Klue Breach Victims Identified as Hackers Get Hacked appeared first on SecurityWeek .

In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs

Other noteworthy stories that might have slipped under the radar: Russia used Cellebrite to hack activist’s phone, Five Eyes issue urgent AI threat warning, macOS Gaslight backdoor, Scattered Spider guilty pleas. The post In Other News: Chinese Mythos-Like…

Your First GRC Agent: A Red Teamer's Walkthrough

AI won't replace GRC analysts, but it can eliminate much of the repetitive work they do. Anecdotes walks through building an agent that continuously monitors controls, identifies evidence gaps, and opens remediation tasks. [...]

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it. Tracked as…

Turla group adds more malware to Russia’s espionage efforts against Ukraine

Threat intelligence researchers at Google described StockStay, the latest malware developed by the Russian cyber-espionage group known as Turla.

Russia used social engineering to breach prominent messaging accounts, Ukraine says

Ukraine's SBU described a long-running Russian operation that used fake tech-support workers to persuade people to hand over credentials to their messaging apps.

Proof’s x401 establishes an open protocol for AI agent identity and authorization

Proof has launched x401, an open, issuer-neutral protocol that lets any website or API ask for and verify the identity behind agents. With x401, a service can ask for the proof it requires: verified identity, age, membership, organizational affiliation,…

Critical open-source projects get a new security framework

Open source software projects are getting a new framework for handling security vulnerabilities as AI shortens the time between flaw discovery and exploitation. The Linux Foundation has launched Akrites, an industry initiative that brings together technology…

Guardian Agents: The Next Layer of Identity Governance

AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn't designed for autonomous actors,…

Synology issues critical fix for MailPlus Server vulnerabilities

Synology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update fixes three flaws: CVE-2026-13136, stemming from faulty authorization checks, may…

China-Linked Hackers Strike Asian Critical Infrastructure with TinyRCT Backdoor

A China-linked threat group has been targeting critical infrastructure in Southeast Asia with a new custom backdoor called TinyRCT

Ransomware gangs find Europe’s weakest link in third-party suppliers

Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and…

CMC Releases Analysis and Guidance for Education Sector After Canvas Data Breach

The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents

Anthropic is testing desktop-like Claude Cowork for mobile

Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. [...]

New macOS malware embeds fake errors to confuse AI analysis tools

A newly discovered macOS malware dubbed "Gaslight" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. [...]

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds still working, trusted apps doing sketchy crap, browser tricks jumping the fence, and “normal” workflows turning into…

Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds

Cobalt study finds 20-percentage-point drop in number of organizations relying solely on AI automation for testing

British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted

As UK police embrace the AI revolution, a WIRED investigation reveals the messy inside story of one region’s experiment with predictive analytics.

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

A previously undocumented Rust-based macOS implant and information stealer has been found to embed a prompt injection payload designed to trick a malware analyst's artificial intelligence (AI) tools and trick it into aborting or refusing an analysis of the…

Researchers Trick AI Browsers Into Leaking Credentials

LayerX tricked AI browsers including ChatGPT Atlas and Comet into bypassing their guardrails

macOS Backdoor Uses Prompt Injection to Evade AI Triage

SentinelLabs found a North Korea-linked macOS backdoor using prompt injection on AI triage tools

Dawn of the Apex Agentic Adversary

We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor navigated a patch cycle, and weeks…

AI Is Making Attacks Cheaper, Faster and More Covert, Says ReliaQuest

New ReliaQuest study reveals the six ways AI is practically being used in attacks today

Linux Process Name Masquerading, (Wed, Jun 24th)

In a previous diary, I talked about stack strings&&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5b&#x3b; 1 &&#x23&#x3b;x26&#x3b;&#x23&#x3b;x5d&#x3b; with a practical example of them. Since my SEC670 class,…

Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed

The private events group, cofounded by Peter Thiel, says a “criminal” hacker is behind a breach that exposed members’ personal details. WIRED found no evidence a break-in was needed to access the files.

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents

Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts. Every skill security scanner the firm tested it against marked…

OpenAI Expands Daybreak to Help Defenders Patch Flaws

OpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flaws

Agentic AI: The Weapon That No Longer Needs a Warrior

Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The rifle placed a man's death a quarter mile beyond his sight, and the aircraft carried that death…

Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats

The Five Eyes Alliance has published a rare call to action for organizations facing AI threats

OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws

OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial intelligence (AI) company announced last month. Calling GPT‑5.5‑Cyber its "strongest model yet for…

CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)

The vulnerability 

OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos

Amid concerns about AI models’ cybersecurity capabilities, OpenAI revealed an improved version of GPT-5.5-Cyber and its “Patch the Planet” initiative to fix open-source software bugs.

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily read artificial intelligence (AI) conversions from other…

Stop Your Legacy Infrastructure from Hijacking Your AI Agents

Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs are still not accounting for - how attackers are circumventing AI security programs by using legacy infrastructure to hijack AI agents. AI…

Microsoft Attributes Mastra AI Supply Chain Attack to North Korea

North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers

World Cup Scams Are Getting Harder to Spot

From fake tickets to cloned websites, AI is magnifying World Cup scams. Can fans distinguish between what’s real and what’s not?

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity.…

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local…

AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform

Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities

eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)

I detected an interesting phishing email this morning. It targets a major Belgian bank: 

‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm

For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple…

Fake GitHub Stars and AI Videos Mask a Crypto Clipper

A Rust crypto clipper hides behind fake GitHub stars and AI-narrated YouTube videos

Cybercriminals Are Worried About AI Taking Their Jobs Too

Analysis of chatter on underground forums by Sophos finds that hackers fear AI could take work away from them

North Korean Hiring Fraud Runs on AI and US Laptop Farms

Nisos infiltrated a North Korean IT-worker fraud cell running on AI interviews and a US laptop farm

Sensitive Enterprise Data Uploads to AI Models Double in a Year

The rise of AI-assistants and applications in the enterprise has seen a 93% increase in employees attempting to upload sensitive data, bringing security challenges

AI Threats and Alert Fatigue Challenge Cybersecurity Teams

Filigran survey at Infosecurity Europe 2026 reveals AI-powered attacks as the top concern, with false positives, alert fatigue and manual processes draining security teams

Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS

SANS Institute study finds few SOCs have built AI into defined workflows, despite widespread adoption

‘Dangerous’ AI Models Are Coming No Matter What

The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm.

Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats

Athena is a new an industry coalition to fix the vulnerabilities frontier AI models find before attackers can exploit them

Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models

Access to two Anthropic large language models, Mythos 5 and Fable 5, has effectively been banned to any non-US nationals by the Trump administration

UK Government Finds 400+ Vulnerabilities in AI Hackathons

Government departments find hundreds of vulnerabilities after testing frontier models

The FCC Wants to Kill Burner Phones

Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more.

Grok Is Still Hosting Sexualized Deepfakes of Famous Women

A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok's website, including nonconsensual depictions of celebrities and at least one prominent US politician.

Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware

Fake AI guides hide a multi-stage chain that drops AsyncRAT, with signs of AI-assisted coding

Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats

Organizations are aware of the challenges that new technologies like AI bring: but cybersecurity staff struggle to make time for the required training during working hours

Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps

The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.

New “Agentjacking” Attacks Could Hijack AI Coding Agents

Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code

CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats

“Defenders cannot afford to take weeks to patch,” one Cybersecurity and Infrastructure Security Agency official warned on Wednesday.

Who Runs the Ransomware Group ‘The Gentlemen?’

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by…

New Fable 5 Is a "Mythos-Class" LLM Available to All, Anthropic Announces

Anthropic unveils Claude Mythos 5 and Fable 5, a restricted-access frontier AI model and guardrailed version for everyone to use

A Record-Breaking Patch Tuesday for June 2026

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned…

AI Coding Adoption Hits 97% but Governance Lags Behind

Most dev teams use AI coding assistants but only 30% have full governance in place

OpenAI Unveils ChatGPT Account Security Controls

OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft

Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns

At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture

Meta AI Bug Exposes Over 20,000 Instagram Accounts

Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset

Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook

Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance

Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework

The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed

Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era

Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks

Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns

Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools

Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark

A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation

Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services

Proton uses machine learning models to detect abuse of its services – especially email addresses used by cybercriminals

Infosecurity Europe: Vulnerability Management Innovator Konvu Wins Cyber Startup Award

Inaugural Infosecurity Europe Cyber Startup Award Winner Impresses Panel with Ability Help Prioritize Vulnerabilities in AI era

Trump Signs Order Inviting Voluntary Review of Frontier AI Models

Trump's executive order invites voluntary pre-release review of frontier AI models

Anthropic Expands Mythos Access to 150 More Organizations

Anthropic widens Project Glasswing access to 150 more firms as patching becomes the bottleneck

Infosecurity Europe: Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patching management, experts say

Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web

Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools

Infosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are "Doomed to Fail"

Humans still need to be part of cyber defense, but refusing to deploy AI is no longer optional against AI-enhanced cyber threats, warns Dataminr’s Joe Slowik

Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats

Bayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineering

Threat Actor Uses AI to Build EDR Evasion Tools

A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds

Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI…

Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say

Top cybersecurity vendors said AI won't replace entry-level – only routine ticket-taking and triage

Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain

Infosecurity Europe: OWASP Forms New Agentic Research Council

OWASP’s new Agentic Research Council will aim to connect academic work to operational realities on agentic AI security

AI-Generated npm Malware Leaks Its Own GitHub Token

Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator

GCHQ Chief Urges Action as AI Reshapes Cyber Threats

GCHQ director urges urgent business cyber action as AI and quantum reshape the threat

All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers

68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise

UK firms plan higher cyber spending as AI adoption raises security concerns

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws

CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines

Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning

The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets

Three-Quarters of Firms Knowingly Ship Vulnerable Code

AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software

Agentic AI Accelerates Software Builds and Mobile App Attacks

Digital.ai data reveals 87% of apps were attacked over the past year

NCSC Publishes Guidance on Securing Agentic AI Use

The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks

Bank of England, FCA and Treasury Raise Alarm Over Frontier AI

The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience

Most Organizations Now Use AI Agents for Sensitive Security Tasks

Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure

ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks

The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks

Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks

The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains

UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms

UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of…

OpenAI Launches 'Daybreak' to Help Build Secure By Design Software

With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up

Malicious Hugging Face Repository Typosquats OpenAI

HiddenLayer reveals infostealer malware in a Hugging Face repository

Fake Claude Code Page Pushes PowerShell Stealer at Devs

Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2

Hackers Observed Using AI to Develop Zero-Day for the First Time

Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software

Legacy Security Tools Failing Data Protection, Capital One Software Report Finds

Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack

OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers

Fake Claude AI Site Drops Beagle Backdoor on Windows Users

Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading

AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk

ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use

OpenAI To Extend Cyber Program to Government Agencies

OpenAI announced its intention to expand the Trusted Access for Cyber program for cyber defenders at the federal, state and local government levels

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required

Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher

A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI

Cyber is the Number One Global “People Risk,” Says Marsh

Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets

AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns

AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting

Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI

Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents

Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform

Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents

Defending Against China-Nexus Covert Networks of Compromised Devices

<div class="SCXW131754345 BCX8"> <div class="OutlineElement Ltr SCXW131754345 BCX8"> <h2><a class="c-button c-button--on-dark"…

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <th>Title</th> <td>Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure</td> </tr> <tr> <th>Original Publication</th> <td>April 7,…

Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure

<h2><strong>Summary</strong></h2> <p><strong>Note:</strong> This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet <a…

CISA Shares Lessons Learned from an Incident Response Engagement

<h2><strong>Advisory at a Glance</strong></h2> <table> <tbody> <tr> <td>Executive Summary</td> <td>CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity…

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System

<h2><strong>Executive summary</strong></h2> <p>People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military…

Russian GRU Targeting Western Logistics Entities and Technology Companies

<h2><strong>Executive Summary</strong></h2> <p>This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination,…

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.