Skip to main content
← All Tags

Cybersecurity

627 articles in this category (Page 4 of 27)

AI NewsOpen SourceCybersecurity

Addressing Open Source Sustainability and Security with Trusted Stewardship

Chainguard announces new security initiatives at its Assemble conference to address open source sustainability issues including funding and maintainer burnout.

Read more
AI NewsArticleCybersecurity

GlassWorm Campaign: 72 Malicious Open VSX Extensions Target Developers

GlassWorm campaign abused 72 malicious Open VSX extensions and 151 GitHub repositories to steal secrets using stealthy transitive dependencies.

Read more
AI NewsCybersecurityArtificial Intelligence

OpenClaw AI Agent Flaws Enable Prompt Injection and Data Exfiltration

CNCERT warns that OpenClaw's weak security defaults enable prompt injection and data leaks, leading China to restrict its use on government systems.

Read more
AI NewsCybersecurityThreat Intelligence

Chinese State-Backed Hackers Target Southeast Asian Militaries with Custom Malware

Chinese threat actor CL-STA-1087 has targeted Southeast Asian military systems since 2020 using custom backdoors like AppleChris and MemFun for espionage.

Read more
AI NewsCybersecuritySoftware Development

Critical n8n Flaws Enable Remote Code Execution and Credential Theft

n8n addresses four critical vulnerabilities (CVSS 9.4-9.5) allowing unauthenticated RCE via Form nodes and sandbox escapes, risking exposure of global encryption keys and stored credentials.

Read more
AI NewsArticleCybersecurity

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Meta disabled 150,000 scam accounts tied to Southeast Asian fraud networks and removed 159 million scam ads in 2025 to disrupt industrialized criminal operations.

Read more
AI NewsArticleCybersecurity

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes

Researchers used GAN-trained phishing pages to compromise Perplexity’s Comet AI browser in under four minutes, demonstrating a shift from human-targeted to AI-targeted attack surfaces.

Read more
AI NewsCybersecurityNetwork Security

FortiGate Appliances Targeted to Steal LDAP Credentials and Breach Networks

Threat actors are exploiting FortiGate NGFW vulnerabilities to extract configuration files and decrypt LDAP credentials for Active Directory access.

Read more
AI NewsAI SecurityCybersecurity

Securing Agentic Workflows: Auditing AI Data Leaks and Hidden Vulnerabilities

Learn to audit AI agents and mitigate data leak risks in modern agentic workflows during a webinar featuring Rahul Parwani, Head of Product at Airia.

Read more
AI NewsAppSecurityCybersecurity

API Credential Theft: The Critical Shift to Identity-Based Data Breaches

API credential theft is now the #2 cause of data breaches, with AI-driven exploitation increasing 89% year-over-year as breaches occur in under 8 minutes.

Read more
AI NewsAppSecCybersecurity

API Credential Security: 8-Minute Exploitation and Real-Time Breach Detection

Exposed API credentials are exploited in 8-10 minutes on average, significantly faster than the typical 4-6 hour security detection window.

Read more
AI NewsCybersecurityAI Governance

Securing the Cerebral Link: Neural Implant Threats and AI Governance

As 2M+ people globally use neural implants, emerging threats like neuromorphic mimicry show a 67% success rate in defeating BCI authentication systems.

Read more
AI NewsCybersecurityWeb Development

Mercurius GraphQL Fixes Critical WebSocket Query Depth Bypass (CVE-2026-30241)

Mercurius GraphQL patches CVE-2026-30241, a logic vulnerability in Fastify's adapter allowing unauthenticated attackers to bypass query depth limits via WebSockets.

Read more
AI NewsSoftware EngineeringCybersecurity

AI Governance and Security Triage: Engineering Signals from GitHub and CISA

GitHub hits 60M Copilot reviews as CISA adds 5 exploited CVEs, shifting the industry focus from AI generation speed to governance and security triage.

Read more
AI NewsArtificial IntelligenceCybersecurity

5 Essential Security Patterns for Robust Agentic AI

Secure autonomous agents using five critical patterns including JIT tool privileges and execution sandboxing to mitigate risks like prompt injection and data exfiltration.

Read more
AI NewsDomain IntelligenceCybersecurity

Unlocking WHOIS Data: Leveraging Domain Intelligence for Security and Sales

WHOIS records provide critical domain intelligence, enabling businesses to track registration dates, nameservers, and registrar data for fraud detection and lead qualification.

Read more
AI NewsBackend EngineeringCybersecurity

Scaling Backend Robustness: SaaS-Grade Analytics for AI Phishing Defense

Arslon Erkinov strengthens AI phishing defense through API usage monitoring and risk intelligence metrics while resolving critical ORM schema migration errors.

Read more
AI NewsSoftware DevelopmentCybersecurity

Engineering Private Communication: LSB Steganography in Digital Postcards

Vasilis-Skourtis-Dev built Digital Postcards for the DEV Weekend Challenge, using LSB steganography to hide 7-line messages in pixels.

Read more
AI NewsCybersecurityAI Security

ClawJacked Vulnerability: Malicious Websites Hijack Local OpenClaw AI Agents

OpenClaw patches the ClawJacked flaw and 71 malicious skills as attackers exploit WebSocket connections to hijack local AI agents.

Read more
AI NewsCybersecurityCloud Computing

Thousands of Google Cloud API Keys Exposed to Gemini Abuse and Massive Billing Risks

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling private data exposure and massive billing abuse reaching over $82,000 in a single incident.

Read more
AI NewsCybersecuritySoftware Development

Security and Platform Integrity: Analyzing Jakpot Lone App Support Listings

Firaj Firajsing identifies 8757392835 as the Jakpot Lone App customer care number, prompting community alerts regarding potential abuse and platform moderation.

Read more
AI NewsCybersecuritySoftware Engineering

CVE-2026-27465: Securing Fleet Device Management Against Google Calendar Key Leaks

Fleet versions before 4.80.1 exposed Google Service Account private keys to low-privileged users via a configuration API, assigned a CVSS score of 4.3.

Read more
AI NewsCybersecuritySoftware Development

CVE-2026-3105: Mautic SQL Injection via API Sorting Parameters

Mautic patches a high-severity SQL injection vulnerability (CVE-2026-3105) with a CVSS score of 7.6 that allows blind data exfiltration via API sort parameters.

Read more
AI NewsCybersecurityThreat Intelligence

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

Google disrupted China-linked threat actor UNC2814, which breached 53 organizations in 42 countries using the GRIDTIDE backdoor and Google Sheets API for C2.

Read more