Aembit today announced the launch of Aembit Identity and Access Management (IAM) for Agentic AI, a set of capabilities that help organizations safely provide and […]
CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware […]
Massive Great Firewall Leak Exposes 500GB of Censorship Data
In a historic breach of China’s censorship infrastructure, over 500 gigabytes of internal data were leaked from Chinese infrastructure firms associated with the Great Firewall […]
AI-powered bug hunting shakes up bounty industry — for better or worse
AI-powered bug hunting has changed the calculus of what makes for an effective bounty program by accelerating vulnerability discovery — and subjecting code maintainers to […]
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its […]
Malicious Multilingual ZIP Files Strike Banks and Government Offices
A sophisticated phishing campaign leveraging multilingual ZIP file lures has emerged across East and Southeast Asia, targeting government institutions and financial organizations with unprecedented coordination. […]
CISA Publishes New Guidance to Strengthen Microsoft Exchange Server Security
The Cybersecurity and Infrastructure Security Agency (CISA), working alongside the National Security Agency and international cybersecurity partners, has released a comprehensive security guidance document focused […]
New Agent-Aware Cloaking Technique Uses ChatGPT Atlas Browser to Feed Fake Content
Security researchers have uncovered a sophisticated attack vector that exploits how AI search tools and autonomous agents retrieve web content. The vulnerability, termed “agent-aware cloaking,” […]
A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do
A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and […]
Malicious packages in npm evade dependency detection through invisible URL links: Report
Threat actors are finding new ways to insert invisible code or links into open source code to evade detection of software supply chain attacks. The […]