AI/MLPopular AI tools tricked to create malware for Chrome browserSteve ZurierMarch 21, 2025Cato Networks researchers create jailbreak method where hacking is normal in an alternate reality.
Data SecurityVeeam patches critical 9.9 flaw in backup and replication productSteve ZurierMarch 20, 2025Deserialization vulnerability that could let attackers run a remote code execution (RCE).
Vulnerability ManagementGitHub Action bug allows supply chain attack; added to CISA listSteve ZurierMarch 19, 2025Affected organizations running repos in GitHub should assume compromise and rotate secrets immediately.
Cloud Security$32 billion Google-Wiz deal bodes well for cloud security, experts saySteve ZurierMarch 18, 2025Acquisition promises to blend Google Cloud’s AI depth with stronger cloud security from Wiz.
Cloud SecurityMicrosoft 365 environments exploited in business email attacksSteve ZurierMarch 17, 2025The BEC attacks rely on phishing lures that let the bad actors operate entirely within the Microsoft 365 ecosystem.
AI/MLOpenAI’s Operator AI agent can be used in phishing attacks, say researchersSteve ZurierMarch 14, 2025Researchers prove how attackers can use the added functionality in AI agents to launch phishing attacks.
AI/MLResearchers use jailbreak to build functional malware via DeepSeekSteve ZurierMarch 13, 2025Tenable researchers jailbreak DeepSeek to build a keylogger and ransomware.
Application securityXCSSET macOS malware variant targets Xcode projects of app developersSteve ZurierMarch 12, 2025XCSSET variant features enhanced stealth features that can lead to the exfiltration of sensitive financial information.
Vulnerability Management3 Ivanti flaws added to CISA list of known exploited vulnerabilitiesSteve ZurierMarch 11, 2025Ivanti Endpoint Manager flaws can grant unauthenticated attackers full compromise of vulnerable servers.
Vulnerability ManagementCritical 9.8 PHP flaw exploited in US, Japan and SingaporeSteve ZurierMarch 10, 2025Security pros say exploitation of critical PHP flaw could lead to system compromise and ransomware attacks.
