An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, ordinary-looking steps inside a code editor. That...
Learn how to secure HPC AI infrastructure against runtime and supply chain threats via continuous behavioral monitoring.
Senior research fellow Jon Penney and co-author Bruce Schneier argue that widely deploying AI surveillance could be corrosive to democracy. The post AI Surveillance Is Being Supercharged–And It...
'GhostApproval' problem highlights human-in-the-loop fails
Tanium security advisory (AV26-673)
National vulnerability database claims monitoring mechanism can forward Chinese users' data to remote servers
n8n security advisory (AV26-672)
On December 25, 2024, Azerbaijan Airlines Flight 8243 was reportedly shot down by a Russian air defense system after experiencing GPS jamming – likely also originating from Russia. Thirty-eight...
Ubiquiti security advisory (AV26-671)
In the brief history of AI security, the prompt injection has quickly become the top threat. Large language models are inherently unable to distinguish between legitimate instructions provided by...
Fewer than 15 of Britain’s 350 largest listed companies signed up to the government’s flagship voluntary cybersecurity scheme at its launch on Tuesday, eight months after ministers wrote...
When mounted to a vehicle, the U.S. Army’s Volcano mine dispenser can blanket roughly 32 acres with up to 960 mines. Now, the service is testing a system that can do the same thing without a...
A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According...
We're all petrified about missing a critical event or misclassifying an alert, but when we're talking about incident response (IR), there are often hundreds if not thousands of alerts to parse...
Uncovering a category-level blind spot in modern AI coding assistants, and why the Human-in-the-Loop safety model fails against this classic threat
Proofpoint researcher tells The Reg: 'We estimate the total volume of targets would be a few dozen'
Langflow security advisory (AV26-670)
Protect the modern attack surface with new auto-reconnaissance capabilities, deep internal context, and the Red Agent to find any risk, anywhere.
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation....
Last week, national security agencies from the Five Eyes—that’s the rich, English-language-speaking countries club—jointly released a statement warning of the increasing cyber risks of AI models:...
Scammers are hijacking government websites to upload ads for “leaked” OnlyFans content. Thousands of copyright complaints from adult creators are helping people avoid malicious links.
Burst water mains. Evacuated hospitals. In a closed-door simulation, insurers played out their response to a mass disruption by China’s Volt Typhoon hackers—and found a nightmare scenario.
Artificial intelligence is increasingly integrated into everyday life, driving everything from social media algorithms and streaming recommendations to personalized smartphone assistants. While...
SOC and CTI teams spend a significant part of their day maintaining context that should already be there. The assets they monitor, the technologies they protect, the threat actors they track, this...
A view of the H1 2026 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts.
For many years, we’ve released an annual artwork. These are always hand crafted by our people or an artist. Here is this year’s piece and the story behind it. This year’s artwork was created by...
What HappenedOfficers from the City of London Police’s Dedicated Card and Payment Crime Unit (DCPCU) secured the conviction of a man who used an SMS Blaster device to send fraudulent text messages...
The real AI threat isn't frontier models. It's cheap local models getting easier to run. Here's why CISOs should build defensive agents now, before attackers scale.
Datadog Security Labs identified multiple coordinated campaigns abusing the GitHub API to systematically enumerate organizations, repositories, users, and software development activity at scale....