China’s Flax Typhoon Exploits ArcGIS App for Year-Long Persistence
A China-backed threat group exploited what ReliaQuest researchers called a “common security blind spot” to maintain persistence in a widely...
Spotlight
The Endpoint Has Moved to the Browser — Your Security Tools Haven’t
Your users aren’t downloading files to their desktops anymore. They’re not running local applications. They’re working in Google Docs, Salesforce,...
#Pixnapping: Android Timing Attack Sends Google Back to the Drawing Board
Researchers discover a new way to steal secrets from Android apps.Anything any Android app can display is vulnerable to the Pixnapping...
Oracle Warns of New EBS Vulnerability That Allows Remote Access
Oracle over the weekend issued another security alert about a vulnerability in its E-Business Suite (EBS), the software family that...
Salesforce Refuses to Pay Ransom to Data-Stealing Hackers
Salesforce reportedly is refusing to pay a ransom demanded by hackers who claim to have stolen more than 1 billion...
#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln
CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW.Redis (Remote Dictionary Server) and its open source fork Valkey share a...
Commvault Adds Ability to Recover Iceberg Data Lake Tables
Commvault has added an offering to its data protection portfolio specifically designed to backup and restore the Iceberg table structures...
Beyond Chatbots: Why Agent Security Is the Industry’s Next Major Challenge
The Shift from Answering Questions to Taking ActionAI systems are evolving beyond conversation. Today’s autonomous agents book flights, manage calendars,...
Survey Sees AI Becoming Top Cybersecurity Investment Priority
A global survey of 3,887 business and technology executives finds that artificial intelligence (AI) technologies (60%) are now the top...
Cl0p Ransomware Group Exploited in a Zero-Day in Oracle EBS Attacks
The Cl0p ransomware group that over the last week has been sending extortion emails to executives with companies it’s stolen...
From Fortresses to Zero-Trust: What Baghdad’s Green Zone Teaches Us About Modern Cybersecurity
Your Castle Is Already Breached Picture this: your organization’s network is a medieval castle, complete with drawbridge and moat. For...
Scattered Lapsus$ Hunters Extorts Victims, Demands Salesforce Negotiate
The so-called retirement of the Scattered Lapsus$ Hunters extortion group didn’t last long.The threat group – a combination of the...
Asahi Hack Update: Beer-Free Day #5 Dawns in Japanese Ransomware Crisis
金のうんこ! Breaking: Big beer brewer belatedly believes bitten by ransomware—and likely a data breach. The post Asahi Hack Update: Beer-Free...
Report Details Security Weakness in Comet AI Browser from Perplexity
A new LayerX report shows how a single malicious URL can exploit Perplexity’s Comet AI browser via prompt injection, potentially...
North Korea Remote Worker Scam Goes Global, Expands Target Industries
A report by Okta researchers says the notorious North Korea IT worker scams, which have focused on U.S. tech and...
