NetSPI AI-powered Continuous Pentesting identifies high-impact vulnerabilities
NetSPI launched AI-powered Continuous Pentesting offerings, designed to help organizations continuously identify, validate and reduce risk across dynamic ext...
General
20 articles
The hidden risk of non-human identities in AI adoption
An employee with persistent, unsupervised admin access across critical systems, with no audit trail, no clear owner, and no regular access reviews, would rai...
Falcon AIDR Detects Threats at the Prompt Layer in Kubernetes AI Applications
Researchers open-source a Wi-Fi cyber range for security training
Wireless security training programs lean heavily on generic network labs, with Wi-Fi appearing as a checkbox alongside Bluetooth, Zigbee, and cellular. Hands...
Android pushes new scam, theft, and AI protections in 2026 update wave
Phone scammers spoofing bank caller IDs have driven an estimated $980 million in annual losses worldwide, according to Europol. Android’s 2026 security roadm...
ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)
Proxying the Unproxyable? Sending EXE traffic to a Proxy, (Wed, May 13th)
..
[webapps] coreruleset 4.21.0 - Firewall Bypass
coreruleset 4.21.
[webapps] Flowise < 3.0.5 - Missing Authentication for Critical Function
Flowise < 3.0.
[webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload
Ninja Forms Uploads - Unauthenticated PHP File Upload
[webapps] glances 4.5.2 - command injection
glances 4.5.
US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S.
Accelerating detection engineering using AI-assisted synthetic attack logs generation
What if you could generate realistic attack telemetry on demand? Explore research methods that translate attacker behaviors (TTPs) into synthetic logs that c...
Fedora Hummingbird brings the container security model to a Linux host OS
Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The ...
Defense at AI speed: Microsoft’s new multi-model agentic security system finds 16 new vulnerabilities
Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH). The post Defens...
Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark
Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH). The post Defens...
Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America
AWS Security Agent full repository code scanning feature now available in preview
Today, we’re excited to announce the preview release of full repository code review, a new capability in AWS Security Agent that performs deep, context-aware...
Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended
ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web (.
Fighting fire with fire: Defending against Mythos-powered cyberattacks
How AI-powered exposure management reduces the opportunities AI-powered attackers depend on.