Tag: framework
-
Zscaler launches the AI Guardian project and, together with system integrators, supports secure AI adoption in enterprises
In a strategic collaboration with key Global System Integrator (GSI) partners, Zscaler is launching the “AI Guardian” project. The initiative is intended to help enterprises manage the complexity of the AI-driven landscape by combining Zscaler's “Zero-Trust Everywhere” framework with the specialized consulting expertise of the world's leading GSIs. This allows enterprises to accelerate AI initiatives while at the same time maintaining a robust…
-
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
A large-scale phishing campaign leveraging fake event invitations is actively targeting U.S. organizations, combining credential theft, OTP interception, and remote access tool abuse into a single attack chain. The campaign stands out due to its repeatable phishing framework, which allows threat actors to rapidly generate event-themed lure pages at scale. These pages often begin with…
-
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and security testing framework for writing and running safety and security tests for AI agents,…
-
Securing the AI Supply Chain in the European Union
The European Union’s AI strategy is entering a new phase. What began as a commitment to “trustworthy AI,” grounded in ethics and human rights, is now evolving into a legally enforceable framework for technically secure AI. EU-specific AI, data and cybersecurity regulations are taking effect, alongside the January 2026 Digital Omnibus initiative. Cybersecurity is no…
-
7 tips for accelerating cyber incident recovery
Tags: attack, awareness, backup, breach, business, ceo, cio, ciso, cloud, communications, control, cyber, cybersecurity, data, defense, finance, framework, governance, incident, incident response, infection, insurance, international, lessons-learned, malicious, malware, monitoring, nist, risk, service, technology, threat, update
Emphasize scoping and containment from the outset: Because you can't recover from what you can't stop, scoping and containment should be the absolute first priority during incident recovery, says Amit Basu, CIO and CISO at freight shipping firm International Seaway. “Before anything else, you must stop the bleeding,” he says. This means understanding the true scope…
-
‘Claw Chain’ Vulnerabilities Threaten OpenClaw Deployments
The now patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence. First seen on darkreading.com. Jump to article: www.darkreading.com/application-security/claw-chain-vulnerabilities-threaten-openclaw
-
New image-based prompt injection attack targets multimodal AI models
Researchers claim strong black-box transferability: The researchers evaluated the technique against multiple open-source LVLMs, including MiniGPT4, BLIP-2, InstructBLIP, BLIVA, and Qwen2.5-VL, the paper added. According to the paper, the attack achieved an average success rate of 66.36% across tested models, outperforming prior baseline attacks by roughly 41 percentage points. The researchers also said the technique demonstrated “strong…
-
Cybercriminals abuse OpenClaw workflows to distribute Remcos RAT and Ghostloader
Zscaler's ThreatLabz researchers have analyzed a novel attack campaign that specifically targets the growing use of autonomous AI agents in development and enterprise environments. The attackers exploit the open-source framework <>, which equips AI agents with far-reaching system access rights to carry out complex tasks. The framework, built for workflow automation, is now being weaponized as a dangerous attack vector. In…
-
Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely
A newly disclosed critical vulnerability in the Marimo Python notebook framework is raising serious alarms across the cybersecurity community, as it allows attackers to execute arbitrary commands remotely, without authentication. Tracked as CVE-2026-39987, the flaw exposes a WebSocket endpoint that can be abused to spawn a system-level shell, potentially leading to full infrastructure compromise. Marimo RCE…
-
AI agents as an entry point: attackers hijack OpenClaw and smuggle Remcos RAT into developer environments
Cybercriminals are increasingly abusing AI frameworks as new entry points into corporate networks. OpenClaw is currently in the spotlight. First seen on infopoint-security.de. Jump to article: www.infopoint-security.de/ki-agenten-als-einfallstor-angreifer-kapern-openclaw-und-schleusen-remcos-rat-in-entwicklerumgebungen-ein/a45171/
-
Fast16 Malware Sabotages Nuclear Test Simulations by Altering Data
A newly analyzed cyber-espionage framework called Fast16 has revealed one of the most precise and covert sabotage operations ever uncovered, targeting nuclear weapons simulations by silently manipulating critical test data. Researchers confirm that the malware didn't just infiltrate systems; it altered the scientific results themselves. Fast16's core capability lies in its highly selective “hook engine,”…
-
Crafted JPEGs Could Trigger PHP Memory Bugs for Exploitation
PHP, one of the most widely used web programming languages, is rarely viewed as a direct attack surface at its core level; security focus typically shifts toward frameworks and third-party libraries. However, new research shows that PHP's built-in functionality, specifically the ext/standard extension, can expose critical risks when handling untrusted input such as image files.…
-
AI Doctors? Lawsuits Say No, Some Doctors Say Yes
License Frontier AI to Practice Medicine, Argues JAMA Article. Scrutiny is intensifying around the quickly evolving role that AI is playing in healthcare. That includes issues around the transparency and safety of consumer health chatbots and also whether a new clinical AI licensing framework is necessary to protect the integrity of medicine. First seen on…
-
Researchers uncover YellowKey and GreenPlasma Windows Zero-Days
Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare-Eclipse, disclosed two new Windows zero-day vulnerabilities named YellowKey and GreenPlasma. The flaws affect BitLocker and the Windows Collaborative Translation Framework (CTFMON). YellowKey could allow attackers to bypass BitLocker protections,…
-
Next.js Security Flaw Leaks Cloud Credentials, API Keys, and Admin Interfaces
Next.js, one of the most widely used React frameworks, has been hit by a high-severity vulnerability that could allow attackers to extract sensitive cloud credentials, API keys, and even access internal admin interfaces. The flaw, tracked as CVE-2026-44578, exposes a critical weakness in how certain server-side deployments handle WebSocket upgrade requests. Next.js Security Flaw The…
-
Meet Fragnesia, the third Linux kernel vulnerability in a month
Tags: access, control, exploit, framework, least-privilege, linux, mfa, mitigation, monitoring, password, service, switch, update, vulnerability
CSO. “It is bypassing traditional filesystem permissions that are present and enforced (for example, ‘file is owned by root’, or ‘file is read-only’) to allow manipulation without touching the disk.” Similar to Dirty Frag, Fragnesia (CVE-2026-46300) is a local privilege escalation hole that exploits a vulnerability in the XFRM ESP-in-TCP subsystem to achieve a memory write…
-
King’s Speech paves the way for digital ID
The speech outlined plans for a Digital Access to Services Bill, establishing a legal framework for the use of digital identity, which has received mixed responses. First seen on computerweekly.com. Jump to article: www.computerweekly.com/news/366643097/Kings-Speech-paves-the-way-for-digital-ID
-
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
Tags: attack, authentication, business, cloud, communications, control, credentials, defense, detection, email, framework, government, infrastructure, login, malicious, malware, mfa, microsoft, phishing, service, theft
The campaign dynamically adapts to victims: After deobfuscation, the phishing payload loads infrastructure designed to impersonate Microsoft 365 and other login portals while dynamically adapting to targeted users. According to the report, the malware can determine which authentication provider should be impersonated, preload victim email addresses into phishing pages, and customize branding elements such as company…
-
New Malware Framework Enables Screen Control and UAC Bypass
A sophisticated malware framework capable of screen control, browser artifact access, and User Account Control (UAC) bypass has been uncovered, highlighting how attackers are increasingly adapting open-source tools for real-world intrusions. The attack chain revealed a carefully staged operation designed to blend into normal enterprise traffic. Investigators observed suspicious infrastructure activity, host-level artifacts, and command-and-control (C2) communication patterns…
-
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the… First seen on…
-
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations. First seen on hackread.com. Jump to article: hackread.com/chinatwill-typhoon-fake-apple-yahoo-sites-espionage/
-
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON). The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse… First seen on thehackernews.com. Jump…
-
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
Tags: access, ai, cisco, crowdstrike, cyber, cybersecurity, defense, detection, fortinet, framework, government, malware, network, openai, oracle, penetration-testing, RedTeam, risk, software, strategy, technology, update, vulnerability
OpenAI's cybersecurity model stack: OpenAI is pursuing a scalable cyber defense platform strategy with Daybreak and is rolling out the initiative through three different model tiers: GPT-5.5 (default), GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber. The standard GPT-5.5 model is positioned for general-purpose enterprise use cases, including developer assistance and knowledge work. GPT-5.5 with Trusted…
-
AI Researchers Target SIEM Migration Bottleneck
System Translates Detection Rules Across Security Platforms. Researchers developed an AI framework that converts threat detection rules between major SIEM platforms including Splunk, Microsoft Sentinel and QRadar. The system uses LLMs and automated validation steps to preserve detection logic during migrations that often require months of manual work. First seen on govinfosecurity.com. Jump to article:…
-
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program
Tags: ai, attack, ceo, cyber, cybersecurity, exploit, framework, github, Hardware, identity, infrastructure, Internet, penetration-testing, RedTeam, risk, threat, tool, vulnerability, zero-day
Identity, who the AI agent is. Scope, what it is authorized to do. Attestation, whether it or its instructions have been tampered with. Delegation, who delegated authority. Revocation, whether that authority has been revoked. “Every AI agent on the internet today is a stranger. You don't know who it is, what it's authorized to do, or whether it's been tampered…
-
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution
Tags: ai, attack, authentication, breach, cloud, control, credentials, data, data-breach, defense, exploit, framework, governance, identity, infrastructure, Internet, LLM, malicious, monitoring, network, risk, service, supply-chain, threat, tool, vulnerability, zero-trust
The epistemological chasm: What renders MCP vulnerabilities particularly vexatious is the fundamental asymmetry they exploit between machine cognition and human oversight. Tool poisoning attacks insert malevolent instructions into tool metadata that LLMs process with complete fidelity but that remain utterly invisible to human operators. The machine perceives everything; its ostensible supervisors perceive nothing. We have unwittingly…
-
10 important cloud tools for enterprise security and audit readiness
Cloud compliance in 2026 is far more than preparing for audits: in hybrid and multi-cloud environments it becomes the central yardstick for operational resilience, risk transparency and regulatory certainty. Enterprises are under growing pressure to continuously demonstrate compliance with requirements from frameworks such as NIST, ISO27001, SOC2, PCI DSS, HIPAA, GDPR, NIS2 and DORA, and to do so in real time […]…
-
AI frameworks – vulnerabilities in Nvidia NeMo and Meta PyTorch
First seen on security-insider.de. Jump to article: www.security-insider.de/schwachstellen-ki-frameworks-nvidia-nemo-meta-pytorch-a-b22f685a0139a7d6c6463175b8ca4d7b/