CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
ITWeb Africa

How attackers exploit malicious, vulnerable software libraries to launch stealth attacks

Companies must be capable of detecting malicious DLLs and vulnerabilities in software libraries to prevent early-stage ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
Infosecurity Magazine

OpenAI Expands Daybreak to Help Defenders Patch Flaws

OpenAI has expanded its cyber-defense program Daybreak, arguing that artificial intelligence (AI) has flipped the hardest ...
Windows Report

OpenAI Expands Daybreak With GPT-5.5-Cyber and New Security Tools

OpenAI has unveiled a major expansion of its Daybreak cybersecurity initiative, introducing new AI-powered tools, ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
securitybrief

Chainguard launches scanner to block npm malware greyware

The tool has already blocked more than 52,000 risky npm packages as supply chain attacks continue to hit software teams.
SMEChannels

CrowdStrike Report Warns AI Race Is Fueling a New Wave of Cyber Espionage Against Global Technology Firms

As artificial intelligence becomes the defining battleground of technological leadership, CrowdStrike’s 2026 Technology ...
CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Morningstar

CrowdStrike 2026 Technology Threat Landscape Report: China Steals AI Capabilities It Can’t Build

Technology is the world’s most targeted industry as adversaries exploit the AI being built and the tools used to build it CrowdStrike (NASDAQ: CRWD) today released the CrowdStrike 2026 Technology ...