SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms
Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security...
AI
Scarcity in DDR5 RAM Fueled by AI Demand Sparks Massive Scalping Surge
Key takeaways: The explosive growth of AI is driving unprecedented demand for DDR5 RAM, and scalping bots are currently...
Claude code abused to steal 150GB in cyberattack on Mexican agencies
Claude code abused to steal 150GB in cyberattack on Mexican agencies Pierluigi Paganini March 01, 2026 Hackers abused Claude Code...
How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently
How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently Pierluigi Paganini February 27, 2026 AI accelerates incident...
Beyond the CLI: 5 Governance Questions Every CISO Must Ask Before Deploying Claude Code
Beyond the CLI: 5 Governance Questions Every CISO Must Ask Before Deploying Claude Code As CISOs, we’ve spent the last...
The AI Agent Identity Crisis: 80% of Agents Don’t Properly Identify Themselves, 80% of Sites Don’t Verify
AI agents are reshaping product discovery and commerce, but there’s a fundamental problem with AI agent identity: most agents...
Accelerate Secure Releases With Microsoft Copilot and Sonatype Guide
AI coding assistants, such as Microsoft Copilot, are fundamentally transforming the process of software development. Developers can generate scaffolding,...
LLMs Generate Predictable Passwords
LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen...
AI Shocks the Cybersecurity Market
The cybersecurity market was jolted last week after Anthropic dropped a bombshell announcement. The company’s new AI Claude model...
Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign
Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign Pierluigi Paganini February 24, 2026 Arkanix Stealer surfaced in late 2025...
Is AI Good for Democracy?
Politicians fixate on the global race for technological supremacy between US and China. They debate geopolitical implications of chip...
AI-powered campaign compromises 600 FortiGate systems worldwide
AI-powered campaign compromises 600 FortiGate systems worldwide Pierluigi Paganini February 23, 2026 A Russian-speaking cybercriminal used commercial generative AI tools...
When AI Knows Something is Wrong, But No One is Accountable
In the absence of government regulation, we are leaving it to individual tech companies to determine when their own...
Google Blocked 1.75M Harmful Apps From Play Store in 2025
Generated with Google Gemini. Google relied on expanded AI-driven review systems and stronger front-end controls to block more than 1.75...
Why AISPM Isn’t Enough for the Agentic Era
AI agents have quietly crossed a threshold. They are no longer confined to drafting emails or summarizing documents, but...
