Anthropic wins reprieve against US DoD ban, buying time for contractors to assess AI supply chains
She added, “At oral argument, government counsel suggested that Anthropic showed its subversive tendencies by ‘questioning’ the use of its...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Ravie LakshmananMar 27, 2026Ransomware / Malware Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for...
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s...
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Ravie LakshmananMar 27, 2026Threat Intelligence / Vulnerability A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber...
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Ravie LakshmananMar 27, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if...
SEC Rules – Crypto IS A Security – Sometimes
There’s a classic Saturday Night Live sketch where Chevy Chase and Gilda Radner pitch “Shimmer”—a product that’s both a...
The 3 Security KPIs That Cut Through Alert Noise
TL;DR Three application security KPIs cut through alert noise to reveal actual risk: viable attack count, vulnerability escape rate...
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks Pierluigi Paganini March 27, 2026 China-linked Red Menshen APT...
AI Infrastructure LiteLLM Supply Chain Poisoning Alert
Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in...
How to Use a Risk Prioritization Matrix: Step By Step
Key Takeaways A risk prioritization matrix gives teams a shared way to compare risks, instead of letting urgency be...
Stateful hash-based signatures for AI tool definition integrity
The new reality of file sharing in ai ecosystems Ever tried to explain to a non-tech friend why giving...
U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 26, 2026 The U.S. Cybersecurity...
Coruna exploit reveals evolution of Triangulation iOS exploitation framework
Coruna exploit reveals evolution of Triangulation iOS exploitation framework Pierluigi Paganini March 26, 2026 Kaspersky found Coruna iOS exploits reuse...
How are NHIs supported in regulatory compliance?
Can Effective Non-Human Identity Management Elevate Your Compliance Strategy? The management of Non-Human Identities (NHIs) has become a crucial...
How do NHIs deliver value in cloud environments?
Are You Leveraging the Full Potential of Non-Human Identities? Non-Human Identities (NHIs) are rapidly gaining importance in digital security,...
