Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and ...
General
20 articles
Microsoft caves in: Edge to stop loading passwords in memory on startup
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup. [.
Microsoft Edge to stop loading cleartext passwords in memory on startup
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup. [.
When compliance isn’t continuous, that’s a security risk
Companies need to treat compliance as a service that helps the business compete.
Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities
A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research
Google lets Workspace admins apply one policy across all SAML apps
Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third...
Microsoft to automatically roll back faulty Windows drivers
Microsoft is introducing a new Windows Update capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Updat...
The blind spot in AI security: Resilience for model and training data
AI resilience, not speed alone, will decide which enterprises survive AI-era breaches.
Akamai to acquire LayerX for $205 million
Akamai has entered into a definitive agreement to acquire LayerX, a provider of browser-based AI usage control and secure enterprise browser (SEB) technology...
Bypassing On-Camera Age-Verification Checks
Some AI-based video age-verification checks can be fooled with a fake mustache.
Autonomous systems are finally working. Security is next
Waymo recently crossed a major milestone: Over 170 million autonomous miles driven without a single serious crash or injury. For years, autonomous driving wa...
EU’s Cyber Resiliency Act will put IT leaders to the test
Unlike most cyber security regulations, the EU’s Cyber Resilience Act is about product safety rather than processes or certification, extending the CE mark f...
Beyond deepfakes: Building identity resilience against AI impersonation
Generative AI is changing the economics of identity fraud. Voice cloning, real-time face animation, synthetic documents, and AI-assisted social engineering a...
Tenable warns AI adoption is outpacing governance as cloud exposure risks surge
A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools...
Multiple cPanel Vulnerabilities Could Lead to Sensitive Resource Exposure
Multiple newly disclosed vulnerabilities in cPanel & WHM, including the critical CVE‑2026‑41940 authentication bypass bug and a cluster of May 2026 flaws, co...
Chrome 148 Update Patches Critical Vulnerabilities
The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. The post Chrome 148 Update Patches Critical Vuln...
Keycard helps developers secure autonomous AI agents with scoped access
Keycard has announced Keycard for Multi-Agent Apps, extending its platform to support delegated, session-based access across systems of autonomous agents. Ke...
Deepfake detection is losing ground to generative models
Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic?
Dell SupportAssist Update Forces Windows Systems Into BSOD Loop
A faulty update to Dell’s SupportAssist Remediation service is triggering widespread system crashes, forcing thousands of Dell and Alienware devices into con...
Zombie linkages are keeping expired domains trusted for years
Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long aft...