20 articles
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS...
Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipel...
Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make ...
Kore.ai has launched the new-generation Kore.
U.S.
Versa has introduced a patent-pending zero trust architecture for the Model Context Protocol (MCP), applying zero trust principles to AI execution. The compa...
GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-...
Proton Pass, a secure, end-to-end encrypted password manager, added credential sharing through AI access tokens, allowing users to give AI agents access to s...
Keepnet, an Extended Human Risk Management (xHRM) platform, today announced that its voice and SMS phishing simulation data contributed to the 2026 Verizon D...
The Cybersecurity and Infrastructure Security Agency launched a new nomination form that lets researchers, vendors, and industry partners report known exploi...
Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in Ap...
Probing how a CPU isolates user code from kernel code is messy work. Researchers patch kernels, write drivers, or boot stripped-down bare-metal programs, and...
The average cost of downtime has reached $600 billion for the Global 2000, a 50% increase in two years. According to Splunk’s The Hidden Costs of Downtime re...
Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, accord...
Here’s a look at the most interesting products from the past week, featuring releases from ASAPP, Babel Street, CTERA, Forward, Riverbed, and Trust3 AI. Babe...
Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a ...
First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Ope...
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a po...
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them...
Virtru unveiled Virtru Collaborate, a new offering that eliminates that tradeoff, a FedRAMP authorized space where sensitive files are encrypted and protecte...