Patching practices are coming under intense pressure of late, as time-to-exploit windows accelerate — a new reality likely to worsen as AI…
News
Security experts caution MFA alone can no longer stop threat actors
Cybersecurity experts are warning enterprise admins about an increasing number of phishing campaigns aimed at stealing Microsoft 365 (M365) access tokens to…
Project Glasswing has uncovered 10,000 vulnerabilities: Anthropic
Anthropic says it and upwards of 50 partners involved in Project Glasswing have uncovered an estimated 10,000 critical or high-severity vulnerabilities in…
AI security needs a shift from models to systems, researchers argue
Enterprises cannot secure AI agents by making the underlying models more robust and must instead enforce security controls at the system level…
As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
As AI coding assistants accelerate software development, one OWASP-backed open-source project is arguing that dependency security tooling still arrives too late to…
To pay, or not to pay: 58% of CISOs say they would pay the ransom for their data
If you were hit by ransomware tomorrow, would you pay to get your data back? That’s what more than half of CISOs…
Google leaks details for Chromium bug that can turn browsers into bots
Chromium — the open-source browser that underpins Google Chrome, Microsoft Edge, and Opera, among others — contains an unpatched vulnerability that attackers…
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365. It enables…
Police take down VPN service (this time with a good reason)
European authorities have cracked down on a VPN that has been used for various criminal activities. The operation, led by investigators in…
Microsoft says it’s making AI ‘safe for work’ in your browser
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a…