New Research: 64% of 3rd-Party Apps Access Sensitive Data Without Justification
A study finds 64% of third-party apps access sensitive data without a business need, exposing government…
AI Agents: Authorization Bypass Risks and Security
AI agents in enterprises can bypass access controls, enabling unauthorized actions. Security teams need visibility and…
Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers
Lumen Technologies null-routed traffic to over 550 C2 nodes of the AISURU/Kimwolf botnet, which enslaves devices…
Microsoft Disrupts RedVDS Cybercrime Infrastructure Used for Fraud
Microsoft shut down RedVDS, a crimeware subscription service used for phishing and BEC fraud, linked to…
4 Outdated Habits Destroying Your SOC’s MTTR in 2026
In 2026, leading SOCs reduce MTTR and MTTD by using automated, behavior-based analysis instead of manual…
Model Security Is the Wrong Frame – The Real Risk Is Workflow Security
AI security shifts to workflows: Malicious extensions stole data from 900,000 users & prompt injections abused…
ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories
Weekly recap: AI voice cloning, $26M crypto hack, PLC and Wi-Fi flaws, RMM phishing, and ransomware…
Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
A $25M essay mill has ties to a Kremlin-connected oligarch whose Russian university builds drones for…
Who Benefited from Aisuru & Kimwolf Botnets?
Uncovering the network operators and proxy services that profited from the Aisuru and Kimwolf botnets, which…
Microsoft updates Windows DLL causing security alerts
Microsoft resolves issue causing security apps to flag Windows component WinSqlite3.dll (CVE-2025-6965) as vulnerable in Windows…
Latest Posts
- Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
- The Kimwolf Botnet is Stalking Your Local Network
- Who Benefited from the Aisuru and Kimwolf Botnets?
- Windows 11 PCs may fail to shut down after January update: Microsoft confirms
- Cisco Patches AsyncOS Zero-Day Exploited Since November 2025
