[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl
AI agents now build and run software automatically. Insecure MCPs and CVE-2025-6514 show how trusted automation…
PLUGGYAPE Malware Targets Ukrainian Defense Forces via Signal and WhatsApp
CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, using phishing links…
AI Agents: A New Authorization Bypass Risk for Organizations
Organizational AI agents boost automation, but their broad permissions can bypass access controls, creating security blind…
Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers
Lumen Technologies null-routes traffic to over 550 Kimwolf/Aisuru botnet C2s. The botnets compromised millions of Android…
Microsoft Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft shut down RedVDS, a crimeware subscription service for phishing and BEC fraud, linked to $40M…
4 Outdated Habits Destroying Your SOC’s MTTR in 2026
Leading SOCs reduce MTTR and MTTD by using automated, behavior-based analysis instead of manual reviews and…
Reprompt Attack Reveals Single-Click Data Exfiltration from Microsoft Copilot
Researchers uncovered a Reprompt attack enabling data exfiltration from Microsoft Copilot via prompt injection, now fixed…
Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
KrebsOnSecurity exposes a Russian university’s link to a $25M essay mill and drone development for Russia’s…
Who Benefited from the Aisuru and Kimwolf Botnets?
An investigation into who profited from the Kimwolf botnet, which infected over two million devices. Uncovering…
ChatGPT’s cross-platform ‘Agora’ feature emerges in testing
OpenAI is internally testing a potential cross-platform feature for ChatGPT, codenamed “Agora”, hinted at in recent…
Latest Posts
- Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
- The Kimwolf Botnet is Stalking Your Local Network
- Who Benefited from the Aisuru and Kimwolf Botnets?
- Windows 11 PCs may fail to shut down after January update: Microsoft confirms
- Cisco Patches AsyncOS Zero-Day Exploited Since November 2025
