Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System.
General
20 articles
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when ...
Vector embedding security gap exposes enterprise AI pipelines
Enterprise adoption of retrieval-augmented generation has moved sensitive corporate content into a new storage format that existing security tools cannot ins...
Closing the AI governance gap in your enterprise
In this Help Net Security video, Casey Bleeker, CEO at SurePath AI, talks about the AI governance gap that exists in almost every organization. Drawing from ...
Now Live: The CrowdStrike 2026 Financial Services Threat Landscape Report
ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
Machine identities outnumber humans 109 to 1
Organizations manage an average of 109 machine identities for every human identity. AI agents account for a growing share of those identities, with companies...
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems.
[webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass
ePati Antikor NGFW 2.0.
[webapps] PJPROJECT 2.16 - Heap Bufferoverflow
PJPROJECT 2.
[webapps] WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI
WordPress Plugin Supsystic Contact Form 1.7.
Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defense
The real question in modern cyber defense isn't who has more technology. It's who uses their resources more efficiently.
Researchers say AI just broke every benchmark for autonomous cyber capability
Two independent studies found that Anthropic's Claude Mythos Preview and OpenAI's GPT-5.5 have outpaced every trend line researchers were tracking.
West Pharmaceutical says hackers stole data, encrypted systems
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [.
Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks
The committee held a closed briefing Wednesday with company reps, and more oversight is in the works. The post Closed briefing sets stage for House hearing o...
Detecting and preventing crypto mining in your AWS environment
This article guides you on how to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your Amazon Web Services (AWS) environment. ...
DOJ releases legal rationale for nationwide voter data collection
The memo claims a robust executive branch role vetting voter eligibility. One Secretary of State called it a “fantasy” that “isn’t worth the paper it’s print...
Alleged Dream Market admin arrested in Germany after US indictment
Court documents said Dream Market was launched in 2013 by Owe Martin Andresen and others before becoming one of the biggest criminal marketplaces online.
The CISO shortage: Finding leadership without a leader
Thanks to AI, full-time CISO services may become available to firms that can't afford a full-time CISO.
Introducing the updated AWS User Guide to Governance, Risk, and Compliance for Responsible AI Adoption
The financial services industry (FSI) is using AI to transform how financial institutions serve their customers. AI solutions can help proactively manage por...