Latest News

Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool.

To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched.

The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS.

The automotive analysis and data company is working with external experts to investigate the attack.

A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’.

In what was Sweden’s first public mention of the attack, the country’s minister for civil defense said it targeted a heating plant in western Sweden.

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool. 

The Israeli startup aims to secure AI agents at runtime, continuously monitoring their behavior to prevent unsafe actions.

Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments.

Published through five accounts, the extensions appear part of a coordinated campaign based on shared C&C infrastructure.

Sophos’ Ross McKerchar discusses leadership at scale, retaining talent, defending against AI-enabled threats, and the industry’s growing trust problem.

Offered as a MaaS to a small number of affiliates, mainly Russian speakers, the RAT can turn devices into residential proxy nodes.

The flaws could allow a remote attacker to maintain access after their account has been disabled and to access information from other user sessions.

Researchers found adware capable of killing cybersecurity products and pushing more dangerous payloads to infected systems.

Congress is set to take up the reauthorization of a divisive program that lets U.S. spy agencies pore over foreigners’ calls, texts and emails.