Category: Uncategorized
-
New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI “Power users” [email protected] (The Hacker News)
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily…
-
How to secure data at rest, in use and in motion
Data is the lifeblood of modern commerce; securing it properly requires a top-level, strategic commitment that dovetails with risk management and competitive advantage.Read More
-
JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware [email protected] (The Hacker News)
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. “These campaigns leveraged sophisticated social engineering techniques, custom macOS malware, and deep targeting of CI/CD infrastructure,” Wiz researchers Shira Ayal,Read More
-
Citrix NetScaler Memory Overread Vulnerability
Exploitation activity targeting vulnerable Citrix NetScaler ADC and Gateway appliances remains persistent and widespread, with FortiGuard Labs telemetry continuously observing attack attempts from global sources probing exposed NetScaler SAML endpoints for vulnerable configurations. Analysis from FortiGuard IPS sensors shows sustained targeting of internet-facing NetScaler deployments configured as SAML Identity Providers (IdP). Attackers continue using malformed…
-
OT attacks shift from recon to physical control, raising stakes
Malicious hackers are no longer just snooping around OT systems, researchers warn. They’re preparing to cause real-world damage.Read More
-
For CISOs, dawn of OpenAI Daybreak brings good and bad news
OpenAI Daybreak shows how AI reshapes vulnerability discovery. But AI-driven security tools raise accountability questions and fuel the AI arms race between defenders and attackers.Read More
-
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users [email protected] (The Hacker News)
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as…
-
Malicious npm Package Stole Files From Claude AI User Directory via GitHub [email protected] (The Hacker News)
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named “mouse5212-super-formatter,” is designed to upload files from “/mnt/user-data,” a dedicated directory used by Anthropic’s Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. TheRead More
-
Gartner Security & Risk Management Summit 2026: Adapting for AI
Check out SearchSecurity’s Gartner Security & Risk Management Summit guide for reports on notable presentations and sessions on the latest security topics.Read More
-
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure [email protected] (The Hacker News)
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. “Since at least early 2025, GlassWorm operators have systematically targeted software developers, aRead More