Tag: cybersecurity
-
Keysight launches new cybersecurity test platform for AI traffic
First seen on scworld.com Jump to article: www.scworld.com/brief/keysight-launches-new-cybersecurity-test-platform-for-ai-traffic
-
EU takes member states to court over unimplemented cybersecurity law
Ireland, Spain, France and the Netherlands are more than 20 months late in transposing the NIS2 Directive for the cybersecurity of critical infrastructure. First seen on therecord.media Jump to article: therecord.media/eu-cyber-filing-ireland-spain-france-netherlands-nis2
-
75% CISOs Fear Executives Don’t Understand Cybersecurity Risks Employees Face
Survey of cybersecurity leaders by MetaCompliance finds that many feel boards are uninterested in ever-evolving cyber risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisos-fear-execs-dont-understand/
-
GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy.According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first publicly spotted in the wild on May 21, 2026. It’s assessed to…
-
New AI Security Charter Backed by Over 70 Cyber Firms
Over 70 cybersecurity organizations have signed the CREST AI Charter detailing responsible use of AI for security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crest-ai-security-charter-cyber/
-
Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from cyber-attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cybercriminals-plant-ai-agents/
-
Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains.The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved…
-
Smashing Security podcast #475: JadePuffer the AI that ran a ransomware attack all by itself
A 15-year-old boy asked a chatbot for help – and cancelled nearly 47,000 anime streaming subscriptions in under four hours. Meanwhile, researchers have documented the first fully autonomous, agentic AI-driven ransomware attack, “JadePuffer”. What does this tell us about the future of cybersecurity? First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-475/
-
Mexico’s New Cyber Plan Faces Its First Real Test
The Latin American nation’s cybersecurity plan, still in the expansion phase, has to survive its own knockout round during the FIFA World Cup. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/mexicos-cyber-plan-first-real-test
-
OpenAI Readies GPT-5.6 for Public Launch After Federal Testing
Delayed Rollout Highlights Enterprise Risk as Frontier AI Becomes Strategic Infrastructure. OpenAI’s GPT-5.6 is slated for public release Thursday after federal testing and a limited preview. The rollout underscores how frontier artificial intelligence access is becoming a governance, cybersecurity and operational risk issue for enterprises. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/openai-readies-gpt-56-for-public-launch-after-federal-testing-a-32178
-
What’s in a Name? The Quest to Understand Scattered Spider
Anarchic Western Adolescent Hacking Groups Appear to Defy Easy Categorization Some cybersecurity entities are groups, with office hours and vacation time. But others, such as Scattered Spider and other Com spinoffs, are largely comprised of adolescent hackers and extortionists, and often display more anarchic behavior that makes their efforts tougher to combat. First seen on…
-
Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning about yet another Langflow vulnerability (CVE-2026-55255) leveraged by attackers in the wild. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/07/08/langflow-vulnerability-cve-2026-55255-exploited/
-
Bitdefender Cybersecurity Assessment Report 2026 – Fast jedes zweite Unternehmen übersieht Schatten-KI
First seen on security-insider.de Jump to article: www.security-insider.de/bitdefender-report-ki-risiken-datensouveraenitaet-a-ad650ecb64302a565ebbe03ce387a14d/
-
EU unveils cyber plan to reduce reliance on foreign AI systems
The communication, adopted in Strasbourg on July 7, is built around three pillars: making frontier AI “safe, accessible and deployable” for European cybersecurity, preparing the EU’s cyber ecosystem and scaling European AI capabilities. First seen on therecord.media Jump to article: therecord.media/eu-unveils-cyber-plan-to-reduce-reliance-on-foreign-ai
-
CISA orders feds to prioritize patching Langflow auth bypass flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively exploited vulnerability in the Langflow visual framework for building AI agents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-prioritize-patching-langflow-auth-bypass-flaw/
-
U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1, 2] Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities (KEV) catalog.…
-
CISA Warns of Actively Exploited Adobe ColdFusion Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Adobe ColdFusion, tracked as CVE-2026-48282, to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability is actively being exploited in the wild. Disclosed on July 7, 2026, this vulnerability involves a path traversal weakness that could allow attackers to execute arbitrary code…
-
CISA orders feds to patch max severity ColdFusion flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to patch an actively exploited maximum-severity flaw in the Adobe ColdFusion commercial web app development platform by Friday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-coldfusion-flaw-by-friday/
-
CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerabilities are listed below – CVE-2026-48282 (CVSS score: 10.0) – A path traversal vulnerability in Adobe ColdFusion that could lead to arbitrary code execution in the context of the…
-
20 open-source cybersecurity tools to keep your team ready for anything
AI is changing how security teams find vulnerabilities, analyze code, test applications, and protect infrastructure. Developers are building tools to secure AI systems … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/07/08/20-latest-open-source-cybersecurity-tools/
-
U.S. Government Reportedly Approves OpenAI’s GPT-5.6 Sol, Terra, and Luna Models
The Trump administration has reportedly lifted previous restrictions on the launch of OpenAI’s GPT-5.6, enabling a broader commercial rollout of this advanced model after weeks of government-mandated cybersecurity and national security vetting. This decision marks a significant turning point in U.S. AI governance, moving GPT-5.6 from a tightly controlled pilot program with Trump-approved partners to…
-
EU Pushes for Domestic AI Momentum
Eurozone Banks Told to Strengthen Controls Amid AI Vulnerability Disclosure Wave. Europe is planning for improved capabilities to evaluate the cybersecurity implications of frontier artificial intelligence models – and will possibly mount a grand challenge for developing AI-powered cybersecurity systems – as part of a new strategy unveiled Tuesday. First seen on govinfosecurity.com Jump to…
-
Forescout recognised by NATO for cybersecurity capabilities across IT and OT environments
Forescout Technologies Inc. has been added to the NATO Information Assurance Product Catalogue (NIAPC), marking formal recognition that the company’s cybersecurity platform meets NATO’s information assurance requirements for deployment across mission-critical defence environments. Maintained by the NATO Communications and Information Agency (NCIA), the NIAPC serves as a trusted catalogue of cybersecurity technologies that have been…
-
Pentesting is dead. Long live pentesting.
Penetration testing has been a cornerstone of cybersecurity for decades. For many organisations, it is part of an annual security programme, providing reassurance for boards, evidence for customers and insurers and a demonstration of compliance with regulatory requirements. It is also one of the most commonly purchased cybersecurity services. Despite its widespread use, penetration testing is actually one of the least…
-
Check Point Brings Cloud Firewall to AWS European Sovereign Cloud
Check Point Software has announced that its Cloud Firewall offering is now available on the AWS European Sovereign Cloud, as the cybersecurity giant becomes an official partner for Amazon’s new independent European cloud infrastructure. The move is designed to help European organisations meet increasingly stringent data residency and operational autonomy requirements under EU regulatory frameworks,…
-
Registration Now Open for International Cyber Expo 2026
Registration is now open for International Cyber Expo 2026, one of the UK’s flagship two-day cybersecurity events which set to return to Olympia London on 2930 September 2026, bringing together thousands of security professionals, technology providers and policymakers to explore the latest developments shaping the cyber landscape. With cyber threats at a peak and the…
-
The 10 Hottest Cybersecurity Tools And Products Of 2026 (So Far)
The hottest cybersecurity products of 2026 so far include AI security tools from CrowdStrike, Palo Alto Networks, Zscaler and SentinelOne. First seen on crn.com Jump to article: www.crn.com/news/security/2026/the-10-hottest-cybersecurity-tools-and-products-of-2026-so-far
-
UK cyber pledge draws only a handful of top firms despite ministerial appeal
Those that did sign include large firms such as Aviva, the London Stock Exchange Group and Marks & Spencer, which lost hundreds of millions of pounds in a cyberattack last year, as well as small cybersecurity consultancies. First seen on therecord.media Jump to article: therecord.media/uk-cyber-pledge-draws-limited-partners-despite-ministerial-appeal
-
Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could result in cross-tenant compromise.The one-click vulnerability has been codenamed WriteOut by the Sand Security Research team.”An outsider could go from having no access to taking over any Writer AI First seen on…
-
US Cyber Agency Uses Anthropic Mythos to Audit Government Code for Bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has started using Anthropic’s advanced AI model, Mythos, to audit government software for vulnerabilities. This marks a significant shift toward AI-assisted cyber defense operations. Sources familiar with the initiative report that CISA is deploying Mythos to systematically scan federal code repositories to identify security flaws that foreign…

