NetSTAR and Varist Announce Alliance to Combat AI-Driven Cyber Threats
NetSTAR Global and Varist have formed a strategic alliance to bolster defenses against generative AI‑driven cyber threats. The partnership merges NetSTAR’s telemetry from over 1.8 billion endpoints and categorization of 48 billion URLs with Varist’s hybrid detection engine that safeguards more than five billion mailboxes. By sharing intelligence through SDKs, cloud APIs and real‑time feeds, the two firms aim to deliver richer contextual threat data and faster detection for OEM security vendors. The collaboration focuses on enhancing URL, IP, domain and packet‑level visibility to counter AI‑generated malware and phishing.
Infinite Campus Security Incident Awareness: No Impact to Student Data According to Infinite Campus
Infinite Campus disclosed that a ShinyHunters actor accessed an employee's Salesforce account, exposing only staff directory information and not any student or employee databases. The breach was detected quickly, the compromised account was disabled, and services lacking IP restrictions were...
How ERP Systems Are Integrating Physical and Digital Security
Enterprises are turning to modern ERP platforms to merge physical access control, surveillance, and cybersecurity into a single, observable framework. By centralizing data streams, ERP systems enable real‑time monitoring, faster incident response, and unified compliance reporting. AI‑driven analytics further compress...
I Turned on One Windows 11 Setting and My Browsing Got Faster and More Private
The author discovered that enabling Windows 11’s system‑wide DNS‑over‑HTTPS (DoH) setting dramatically speeds up web browsing while encrypting all DNS queries, not just those from a single browser. Unlike browser‑only DoH, the OS‑level option routes every application’s DNS traffic through an...
Ex-NSA Directors Discuss 'Red Line' For Offensive Cyberattacks
At RSAC 2026, four former NSA directors and Cyber Command leaders debated the “red line” that would trigger a kinetic response to a cyberattack. The panel, held shortly after President Trump released a new offensive cyber strategy, emphasized that the...
Akamai Brand Guardian Detects and Removes AI-Driven Brand Impersonation
Akamai launched Brand Guardian, an AI‑driven evolution of its Brand Protector service, to automatically detect and remove fraudulent websites that impersonate brands. Scammers now use generative AI to create convincing fake digital assets in seconds, outpacing manual detection methods. Brand...
TP-Link Warns Users to Patch Critical Router Auth Bypass Flaw
TP‑Link released firmware updates fixing multiple critical flaws in its Archer NX series, including CVE‑2025‑15517, an authentication bypass that lets unauthenticated attackers upload firmware. The patch also removes a hard‑coded cryptographic key (CVE‑2025‑15605) and resolves two admin‑level command‑injection bugs (CVE‑2025‑15518, CVE‑2025‑15519)....
Njordium AI Blocks Fake Invoices and Fraudulent Payments
Njordium Cyber Group unveiled an AI‑driven Fraud Detection Module integrated into its new Vendor Management System, instantly flagging fake invoices, phantom services and abnormal pricing. The self‑learning engine extracts data from PDFs, OCR scans, Excel, XML and email, routing high‑confidence...
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Security firm Expel reported a surge in malicious Chrome extensions that silently capture users’ AI conversations, a practice dubbed “prompt poaching.” The extensions monitor open tabs, intercept API calls or scrape the DOM, then transmit prompts and responses to external...
Microsoft Hands Entra ID Users New Option for MFA
Microsoft has made External MFA for Entra ID generally available, leveraging the OpenID Connect standard to let organizations integrate third‑party MFA solutions while retaining Conditional Access controls. The feature appears as an external authentication method that admins can assign to...
Virtual Machines, Virtually Everywhere – and with Real Security Gaps
Virtual machines have become ubiquitous in multi‑cloud and hybrid environments, but their ease of provisioning has led to unchecked growth, known as VM sprawl. Organizations often leave idle or over‑privileged VMs running without updates or proper monitoring, creating blind spots...
Check Point Launches AI Defense Plane to Secure the Agentic Enterprise at Scale
Check Point unveiled its AI Defense Plane, a unified security control layer that safeguards the emerging agentic enterprise. The platform extends protection beyond model safety to runtime governance of AI applications, employee tools, and autonomous agents. Built on the company’s...
Codenotary Introduces AgentX for Autonomous Linux Infrastructure Security
Codenotary unveiled AgentX, an autonomous platform that uses coordinated AI agents to manage, secure, and protect large‑scale Linux infrastructure across cloud and on‑premises environments. The solution automates configuration reviews, policy enforcement, and remediation while preserving full administrator control through zero‑trust...
Saviynt Unveils Identity Security for AI Agents
Saviynt launched Saviynt Identity Security for AI, a platform that extends enterprise‑grade identity controls to autonomous AI agents. The solution addresses a reported 91% of enterprises facing blind risk from unmanaged agents by delivering continuous discovery, lifecycle governance, and real‑time...
Persistent Systems & Global Defense Leaders Advance Secure Multinational Networking
Persistent Systems hosted its third Technical Exchange Meeting, gathering over 400 Wave Relay MANET users from more than 20 nations to tackle secure multinational networking for defense. The two‑day event in Brooklyn emphasized a data‑centric architecture that enables allied forces...
Dutch Finance Ministry Investigates Data Breach in Internal Systems
On March 19, the Dutch Ministry of Finance detected unauthorized access to internal policy‑department systems after a third‑party flagged suspicious activity. The ministry quickly blocked the intrusion and took affected systems offline, while core citizen services such as tax, customs...
Agentic AI and the Future of Threat Intelligence Operations - Sachin Jade - RSAC26 #2
At RSA 2026, Cyware’s Chief Product Officer Sachin Jade unveiled the company’s Agentic Fabric, an AI‑driven platform that embeds specialized agents into threat‑intelligence, detection‑engineering, and response workflows. The discussion highlighted how raw threat data can be transformed into actionable insights through STIX/TAXII...
Manage Vulnerability Noise at Scale with Auto-Dismiss Policies
GitLab has launched auto‑dismiss vulnerability policies that let security teams codify triage rules and apply them automatically on every default‑branch pipeline. By matching on file paths, directories or vulnerability identifiers (CVE/CWE), the system can dismiss up to 1,000 findings per...
Autonomous Cyberattacks Have Arrived, Defense Executives Say
Black‑hat groups have fully automated cyber‑attack capabilities using frontier AI models, a shift that outpaces current defense architectures, according to executives at the RSA Conference. These models can identify and weaponize unpatched software flaws, with a new wave expected within...
PTC Warns of Imminent Threat From Critical Windchill, FlexPLM RCE Bug
PTC has disclosed a critical remote‑code‑execution vulnerability (CVE‑2026‑4681) affecting its Windchill and FlexPLM product‑lifecycle‑management platforms. The flaw stems from unsafe deserialization of trusted data and impacts all supported versions, including every critical patch set. German federal police (BKA) have sent...
_imageBROKER.com_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
CSA Launches CSAI Foundation for AI Security
The Cloud Security Alliance unveiled CSAI, a new 501(c)3 nonprofit dedicated to AI security and safety, with a focus on governing the emerging "agentic control plane" that manages identity, authorization, and trust for autonomous AI agents. CSAI will run six...
CTEM for Healthcare: A Guide to Continuous Threat Exposure Management
Continuous Threat Exposure Management (CTEM) is a Gartner‑originated framework that shifts healthcare cybersecurity from periodic, patch‑centric vulnerability programs to real‑time, threat‑informed risk mitigation. CrowdStrike’s field CTO Cristian Rodriguez highlights that CTEM correlates exposures with exploitability, adversary behavior, and business impact,...
US Mortgage Sued over Ransomware Attack
Former US Mortgage employee Richard Bernich filed a federal negligence lawsuit after the lender suffered a ransomware attack in May 2025 that compromised Social Security numbers, financial details and limited medical data of consumers and staff. US Mortgage, which originated...
Australia's Critical Infrastructure Security Laws "Toothless"
An independent review has labelled Australia’s Security of Critical Infrastructure (SoCI) Act “toothless,” arguing that its penalties are treated as a routine cost rather than a deterrent. The review urges a shift from paperwork‑centric compliance to a penalty‑based risk‑management regime...
Addressing Mobile Device Risks in Healthcare: Strategies for Better Security and Compliance
Mobile devices have become essential in healthcare, but attacks on Android devices have surged 244%, exposing critical vulnerabilities. A recent Imprivata survey shows 44% of organizations lack formal mobile device policies and 55% have no visibility into device usage. Without...
HPE Bolsters Hybrid Mesh Firewall Platform
Hewlett Packard Enterprise announced an upgrade to its hybrid mesh firewall portfolio, adding AI‑focused controls that surface usage of AI applications, block high‑risk AI sites, and filter keywords and file uploads. The enhancements unify policy enforcement across physical, virtual and...
Popular AI Proxy LiteLLM Got Hacked with Malware that Spreads Through Kubernetes Clusters
Open‑source AI proxy library LiteLLM was compromised on PyPI, with versions 1.82.7 and 1.82.8 containing malware. The malicious code steals SSH keys, cloud credentials, database passwords, and Kubernetes configurations, encrypts them, and exfiltrates data to an external server while propagating...
Why Mac Users Should Pay More Attention to Malware Risks
Macs are shedding their reputation as malware‑free devices as Apple’s market share and remote‑work adoption surge. Cybercriminals now deploy adware, spyware, infostealers and trojans that exploit both technical flaws and human error. Social‑engineering attacks, pirated software and fake update prompts...
How Scammers Are Using the Iran Conflict to Try to Steal Your Money and Information
Scammers are exploiting the Iran conflict to launch impersonation, romance, and fake‑charity scams. They falsely claim fraudulent charges from Iran, pose as deployed military partners, or create bogus relief organizations to steal money and personal data. The Federal Trade Commission...
Understanding Wiz’s Approach to Securing the AI Supply Chain
The AI supply chain’s layered, multi‑cloud nature creates visibility gaps and unique vulnerabilities that traditional software‑security tools can’t fully address. Wiz proposes an AI‑CNAPP framework that unifies asset discovery, cloud‑posture management, workload protection, and continuous risk assessment across the entire...
All AI and Security Teams Need Transparent Data Pipelines
Organizations that rely on opaque AI data sources expose themselves to integrity risks, compliance gaps, and trust deficits. Without auditable pipelines, security teams cannot verify data quality, leading to hallucinations and regulatory violations such as under the EU AI Act....
Biometric Privacy Laws: What Your Business Needs to Know About Compliance
Employers increasingly use biometric technologies—fingerprint time clocks, facial recognition, and dash‑cam scanning—to boost security and efficiency. However, three states (Illinois, Texas, Washington) have enacted biometric privacy statutes that mandate employee notice, written consent, and strict data handling protocols. Illinois' Biometric...
Iran Wiped 50 Israeli Firms’ Data, Hacked Cameras, Official Says
Iran-linked hackers have intensified cyber operations against Israel since the recent war, wiping data from more than 50 small Israeli firms and breaching dozens of security cameras. Israel's National Cyber Directorate confirmed that critical infrastructure such as energy grids, banks...
Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector
Poland recorded a dramatic rise in cyber activity in 2025, logging roughly 270,000 attacks—2.5 times more than the previous year. The most serious incident was a destructive infiltration of a combined heat‑and‑power plant on Dec. 29, affecting services for about 500,000...
OVHcloud Founder Denies Massive 590TB Data Breach Claims
OVHcloud founder Octave Klaba denied a purported 590 TB data breach alleged by a user on BreachForums. The poster claimed to have exfiltrated data from 1.6 million OVH Fresh customers and up to 6 million active websites, yet only supplied a trivial email‑and‑phone sample....
Cyber Pros Must Grasp the Vibe Coding Nettle, Says NCSC Chief
National Cyber Security Centre chief Richard Horne warned that AI‑enhanced software generation, dubbed “vibe coding,” must be secured before it becomes mainstream. He argued that while insecure AI‑generated code could spread vulnerabilities, well‑trained models could produce secure‑by‑design software, reshaping development....
Internet-Exposed EoL Microsoft IIS Servers Remain Prevalent
More than 511,000 Microsoft Internet Information Services (IIS) servers that have reached end‑of‑life remain exposed on the public internet, according to the Shadowserver Foundation. Nearly half of these servers have outlived Microsoft’s Extended Security Updates window, leaving them unpatched and...
Attack Handoff Times Plummet, Exploits Remain Leading Attack Vector
The median time for attackers to hand off compromised networks fell dramatically to just 22 seconds in 2025, down from over eight hours in 2022, driven by tighter coordination and automation. Exploits continued to dominate initial infection, with CVE‑2025‑31324, CVE‑2025‑61882...
AT&T, Ericsson Call for 5G Network Security Rethink
AT&T and Ericsson have released a joint security blueprint that outlines how 5G networks—and the forthcoming 6G era—should be protected against AI‑driven threats, open‑architecture risks, and future quantum attacks. The paper advocates a collective, ecosystem‑wide approach, urging vendors, operators and...
Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and From the Internet
A critical Azure API Management (APIM) flaw lets attackers bypass the "disable signup" toggle and create accounts anonymously. Praetorian’s research shows 97.9% of internet‑facing Developer Portals still accept signup requests, exposing valid API keys and backend data. The vulnerability stems...
Credit Card Fraud Surging: Why You Should Freeze Your Credit
Credit card and identity fraud are accelerating, with the FTC reporting 503,450 credit‑card fraud cases and 379,898 other identity‑theft incidents in the first three quarters of 2025. A Pew Research Center survey finds 73% of U.S. adults have encountered an...
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
Silver Fox, a cyber intrusion group, shifted its tactics from 2025 to early 2026, blending espionage with financially motivated crime. The campaigns targeted finance staff across Taiwan, Japan, and eight South Asian nations using tax‑authority phishing lures. Attack vectors progressed...
Google Brings AI-Powered Dark Web Analysis to Enterprise Security Teams
Google Cloud announced at RSA 2026 an AI‑driven agent called “Triage and Investigation” within its Security Operations platform, automating alert review and reducing false positives for SOC analysts. The same rollout includes an AI‑powered dark‑web analysis tool that sifts through...
Strengthen Cyber Resilience by Shifting to a Modern DR Model
Enterprises are moving away from the legacy Share tier disaster‑recovery model toward a workload‑first framework that groups applications into three recovery classes—basic, prioritized, and assured cyber recovery. The new approach emphasizes rapid restoration to a trusted state after ransomware, AI‑driven...
Risk-Based Security Is Reshaping the Channel Playbook
The managed services industry is moving from reactive ticket‑based support to proactive, risk‑based security models. Clients now demand continuous risk assessments, governance programs aligned with NIST CSF 2.0, ISO 27001 and SOC 2, and measurable outcomes that tie cyber risk to business performance....
Sumo Logic Extends SOC Analyst Agents to Enhance Threat Detection, Investigation, and Response
Sumo Logic announced an expanded suite of AI‑driven SOC Analyst Agents designed to move security operations from pure detection to actionable recommendation. The Dojo AI platform now offers a preview SOC Analyst Agent that suggests next‑best actions with explainable reasoning,...
This Microsoft Security Team Stress-Tests AI for Its Worst-Case Scenarios
Microsoft’s AI Red Team, operating since 2018, rigorously stress‑tests new artificial‑intelligence models before they reach customers. The group simulates attacks ranging from prompt‑jamming to code generation, probing whether systems can be coaxed into producing malicious outputs or aiding cyber‑crime. In...
Treasury Asks Whether Terrorism Risk Insurance Program Should Bolster Cyber Coverage
The U.S. Treasury Department has opened a public comment period to consider expanding the Terrorism Risk Insurance Program (TRIP) to cover cyber‑related losses stemming from acts of terrorism. The agency will incorporate feedback into a mandatory report to Congress due...
The AI Safety Conversation Is Focused on the Wrong Layer
Enterprises are grappling with fragmented identity systems that were designed for human users, but AI agents operate at machine speed, exposing critical security gaps. Ev Kontsevoy, CEO of Teleport, argues that the real problem is the lack of a unified...
Why a Secure Industrial Supply Chain Depends on Layered AI
Industrial supply chains are increasingly exposed to AI‑driven cyber threats that bypass traditional perimeter defenses. Vendors, OT devices, and cloud services now intersect, creating a unified attack surface where a single compromised credential can cascade across production, logistics, and revenue...
