Archive
All articles, newest first. Page 9.
AI Agents: Only 11% Secure as 'Lethal Trifecta' Exposes 98% of Market
Adversa AI’s AIRQ Q2 2026 benchmark of 100 commercial agents reveals a 'power-protection inversion': as capabilities increase, defense…
Acer Wave 7: Critical Zero-Days Exposed, Patch Not Expected Until Late June
Acer confirms two vulnerabilities (CVSS 10.0 and 9.8) in its Wave 7 router, involving cleartext credential leaks and a persistent back…
Microsoft Refuses to Patch Windows Search URI Flaw Enabling NTLM Hash Theft
Huntress has disclosed an unpatched vulnerability in the Windows search: URI handler that allows attackers to steal NTLMv2 hashes via…
Trump Signs AI Executive Order: 30-Day Voluntary Review for Frontier Models
The executive order establishes a voluntary framework for pre-release government access to advanced AI models, tasking the NSA with mo…
SI-CERT: How a 13-Person Team Manages 6,000 Annual Incidents
Slovenia’s national CSIRT, SI-CERT, processes 6,000 cyber incidents annually with a core staff of just 13. By deploying a specialized…
Kemp LoadMaster API Flaw Enables Authenticated RCE: CVSS 8.8 Vulnerability Patched
CVE-2026-3517 in Progress Software Kemp LoadMaster allows authenticated users to execute arbitrary code via command injection in the c…
CVE-2026-0826: Root RCE Vulnerability Hits HP Poly Enterprise VoIP Phones
A critical stack-based buffer overflow in HP Poly Voice's SDP parsing allows unauthenticated remote code execution with root privilege…
AI Zero-Days and OT Vulnerabilities: ESET’s May 2026 Security Briefing
Tony Anscombe’s latest roundup highlights critical failures in Polish water plants, Google’s discovery of the first AI-generated zero-…
Tuskira Unveils Quell: AI Agent Designed to Mitigate Zero-Days Before Patches Exist
Tuskira has launched Quell, an AI agent that maps attack paths and orchestrates compensating controls to neutralize zero-day threats a…
Gamaredon APT Weaponizes WinRAR Path Traversal Bug for Ukrainian Espionage
The Gamaredon APT group is exploiting CVE-2025-8088, a path traversal vulnerability in WinRAR, to deploy a modular malware suite again…
CISA Warns of Active Exploitation for Two-Year-Old Oracle WebLogic Flaw
CISA has added CVE-2024-21182 to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation of an Oracle WebLog…
Cybanetix Launches Managed AI Service: AI-Native MDR Powered by Four-Vendor Stack
Cybanetix has unveiled its Managed AI Service, integrating NOMA, SentinelOne, Microsoft, and Exabeam under a unified 24/7 SOC with a s…
BadBone: Dormant AI Backdoor Evades Six Major Security Defenses
BadBone research demonstrates that backdoors in pre-trained AI models remain invisible until customized, maintaining a 0.10% attack su…
Gitea Bug Exposed Private Container Images for Four Years
CVE-2026-27771: A critical flaw in Gitea’s container registry left approximately 31,750 instances vulnerable for nearly four years. Di…
Anthropic Grants ENISA Access to Mythos: A Strategic Shift for EU Cybersecurity
Anthropic is granting ENISA access to its Mythos model for vulnerability discovery. As the first EU entity to join Project Glasswing,…
DriveSurge: Thousands of Legitimate Sites Weaponized for Malware Distribution
The threat actor DriveSurge has compromised thousands of websites to automate malware delivery via ClickFix and Fake Update schemes, m…
OpenAI Mandates Hardware-Backed Passkeys for Access to Frontier AI Models
Starting June 1, 2026, OpenAI will require Trusted Access for Cyber (TAC) program members to use hardware-backed passkeys, setting a n…
Tina Peters Released: Election Insider Threat Becomes Political Flashpoint
Colorado Governor Jared Polis commutes the sentence of former clerk Tina Peters. CyberScoop and The Independent detail her release, th…
Insight Launches Managed Exposure Defense to Combat AI-Driven Exploit Speed
Insight consolidates CTEM, enterprise patching, supply chain risk, surge engineering, and XDR into a unified managed service designed…