American Lending Center data breach impacts over 123,000 individuals
The breach involved a ransomware attack where threat actors compromised the internal network and accessed files containing personal identifying information.
SC Media
20 articles
Cisco, Canvas, Microsoft, Exchange 0-Days, NPM Backdoors, GPT-5.5 and more... - SWN #581
When compliance isn’t continuous, that’s a security risk
Companies need to treat compliance as a service that helps the business compete.
Permiso launches AI agent runtime security
The new capabilities extend Permiso’s unified identity platform to address the growing challenge of securing AI agents, which are increasingly making autonom...
Critical vulnerability in Burst Statistics plugin allows admin takeover
The flaw, identified as CVE-2026-8181, was introduced in version 3.4.
The blind spot in AI security: Resilience for model and training data
AI resilience, not speed alone, will decide which enterprises survive AI-era breaches.
New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available
Fragnesia is at least the fourth privilege escalation flaw affecting Linux systems disclosed in the last three weeks.
Trump administration's voter data collection efforts face legal challenges
The Department of Justice's Office of Legal Counsel issued a memo arguing that a provision in the 1960 Civil Rights Act, requiring election officials to reta...
Fake job interviews used to deploy JobStealer malware
The campaign involves scammers posing as recruiters and inviting victims to online interviews via custom platforms that mimic legitimate services like Cisco ...
Alleged Dream Market administrator indicted on money laundering charges
Owe Martin Andresen, 49, faces six counts each of international concealment money laundering and concealment money laundering, potentially leading to 20 year...
Broadcom patches high-severity VMware Fusion flaw allowing local privilege escalation
The vulnerability is a time-of-check time-of-use (TOCTOU) flaw affecting operations performed by a SETUID binary.
Fleet Device Management launches autonomous endpoint management platform
Fleet's new platform aims to shorten patch cycles from an industry average of 55 to 94 days to under two weeks, and in some cases, hours.
SecurityScorecard acquires Driftnet to enhance AI-driven risk management
The acquisition of Driftnet will see its internet scanning engine integrated into SecurityScorecard's TITAN AI platform.
Two vulnerabilities found in popular WordPress plugin Avada Builder
The vulnerabilities, disclosed by Wordfence, include an arbitrary file read flaw (CVE-2026-4782) requiring subscriber-level access and a high-severity SQL in...
Critical 'NGINX Rift' vulnerability discovered, present for 18 years
The vulnerability, with a CVSS v4 score of 9.2, resides in the ngx_http_rewrite_module and affects a significant portion of internet infrastructure due to NG...
You're not going to patch your way out of this - PSW #926
Cyber Insurance Explained: What CISOs MUST Know Before a Breach - WC #1
How Agentic AI made org charts obsolete
AI has blown up role-based access – here’s how teams can change their mindset in this new era.
Microsoft details new AI system for vulnerability discovery
The MDASH system, developed by Microsoft's Autonomous Code Security team, utilizes over 100 specialized AI agents to find and validate exploitable bugs.
Critical Exim vulnerability allows remote code execution
The vulnerability, a user-after-free flaw, occurs during the TLS shutdown process when handling chunked SMTP traffic.