Cybercriminals are using AI to attack the cloud faster - and third-party software is the weak link

Google's latest threat report warns that third-party tools are now prime targets for attackers - and businesses have only days to secure them.
Ministry of Testing

Delivering quality and deploying on time when your team is small

Transform your team’s approach to quality from a late-stage gatekeeper process into a proactive, shared responsibility that ...

Avira antivirus allows code smuggling

Three high-risk security vulnerabilities in Avira antimalware software allow attackers to execute code with system privileges, among other things.

Nextcloud: Code smuggling possible through loophole

In Nextcloud Flow, attackers can exploit a security vulnerability to compromise the instance. An update is available.
American Banker

LexisNexis hit by second data breach in two years

Cybercriminals say they stole sensitive records by exploiting an unpatched vulnerability known as React2Shell and using the ...
The Hacker News

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India

Transparent Tribe uses AI tools to mass-produce polyglot malware targeting India using Slack, Discord, and Google Sheets C2.

Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure

Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to ...
Microsoft

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...