Microsoft open-sources tools for designing and testing AI agents
Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a ...
General
20 articles
European authorities take down prolific cybercrime VPN service
Officials arrested the alleged administrator of First VPN, seized its servers and domains. Europol said the service appeared in almost every major recent cyb...
Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds
Deleted Google API Keys remain active for up to 23 minutes after deletion, exposing GCP, Gemini, BigQuery, and Maps data to attackers.
Automating identity lifecycle and security with AWS Directory Service APIs
Managing identities and access across complex environments has become more critical than ever. AWS Directory Service for Managed Microsoft Active Directory, ...
AI Governance Explained: How to Secure Data, Control Risk & Stay Compliant - WC #1
What’s new in Microsoft Security: May 2026
Microsoft Security’s latest updates extend visibility, control, and protection across expanding ecosystems as organizations accelerate AI adoption. The post ...
How identity became the new security battleground
Exploits happen in minutes in the AI era – so 43 days to fully remediate just doesn’t cut it today.
Apple blocked over $11 billion in App Store fraud in 6 years
Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulen...
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix
Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of ...
Selective HTTP Proxying in Linux, (Thu, May 21st)
Recently, Rob wrote about a tool, Proxifier, that can intercept requests from specific processes. Proxifier is available for Windows, macOS, and Android.
Three-Quarters of Firms Knowingly Ship Vulnerable Code
AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small. A token leaks.
Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
The company has developed a platform that uses specialized AI agents to inspect every incoming message. The post Ocean Emerges From Stealth With $28M for Age...
Discord Enables End-to-End Encryption by Default Across Voice and Video Features
Discord has officially enabled end-to-end encryption (E2EE) by default for all voice and video communications across its platform, marking a significant shif...
Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention
The company blocked over 1.1 billion accounts and $2.
Flipper One project needs community help to build open Linux platform
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devic...
Socket Raises $60 Million at $1 Billion Valuation
The company will invest in its firewall, certified patches, protection extensions, new products, and team expansion. The post Socket Raises $60 Million at $1...
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself autom...
Microsoft releases open-source tools to operationalize AI agent safety
Microsoft has open-sourced two new tools aimed at bringing AI safety checks much earlier into the agent development lifecycle. The tools, called Rampart and ...