Tag: startup
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi”‘stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto”‘loads at interpreter startup and can silently run code without command”‘line input. This script used ctypes to…
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi”‘stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto”‘loads at interpreter startup and can silently run code without command”‘line input. This script used ctypes to…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
CyberASAP Secures £10m Boost as UK’s Next Wave of Cyber Innovators Take Centre Stage
After a successful Year 9 Demo Day, Cyber Security Academic Startup Accelerator Programme (CyberASAP) is gaining momentum towards its 10th anniversary kick off, which is due to start later this month. This comes as the Department for Science, Innovation and Technology (DSIT) has committed a further £10m over the next four years in additional funding to CyberASAP.…
-
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR
Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/comp-ai-open-source-compliance-platform/
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerabilityAbusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content.Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…
-
Cybersecurity Leaders to Watch in California’s Artificial Intelligence Industry
California’s artificial intelligence industry includes security leaders working across frontier model development, enterprise AI platforms, data infrastructure, observability, and AI-native software products. The executives in this feature bring experience from high-growth startups, major technology companies, cloud-native environments, offensive security, incident response, compliance, and product security. Their backgrounds reflect how AI security leadership now spans not…The…
-
Supply Chain Attacks Surge in March 2026
Tags: access, ai, api, attack, authentication, awareness, cloud, container, control, corporate, credentials, crypto, data-breach, github, group, hacking, identity, infrastructure, Internet, kubernetes, least-privilege, linux, LLM, macOS, malicious, malware, mfa, network, north-korea, open-source, openai, phishing, pypi, software, startup, supply-chain, threat, tool, update, vulnerability, windowsIntroductionThere was a significant increase in software supply chain attacks in March 2026. There were five major software supply-chain attacks that occurred including the Axios NPM package compromise, which has been attributed to a North Korean threat actor. In addition, a hacking group known as TeamPCP was able to compromise Trivy (a vulnerability scanner), KICS…
-
12 Agentic AI Startups To Watch In 2026
Agentic AI startups to watch in 2026 include early-stage vendors that showcased tools for agentic identity security, AI agent governance and agentic SOC platforms at RSAC. First seen on crn.com Jump to article: www.crn.com/news/security/2026/12-agentic-ai-startups-to-watch-in-2026
-
12 cyber industry trends revealed at RSAC 2026
Tags: access, ai, application-security, authentication, awareness, business, ciso, cloud, control, cyber, cybersecurity, data, deep-fake, defense, detection, edr, endpoint, firewall, gartner, governance, identity, infrastructure, insurance, metric, microsoft, monitoring, mssp, phishing, programming, risk, risk-management, service, siem, skills, soc, software, startup, technology, threat, tool, trainingLegacy security vendors have the inside track on AI, for now: As far as AI technology consumption for cybersecurity, most CISOs I spoke with were open-minded while leaning toward their existing vendors, at least in the short term. This may buy legacy security vendors a bit, but not much time.Remember what happened in the cloud…
-
Startup Linx Secures $50M as Identity Threats Intensify
AI-Native Platform Targets Identity Governance Gaps and Automation. Linx Security secured $50 million to expand its artificial intelligence-driven identity platform as enterprises struggle with identity-based attacks. CEO Israel Duanis highlights real-time visibility automation and risk reduction as key to addressing growing threats from AI agents. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/startup-linx-secures-50m-as-identity-threats-intensify-a-31328
-
Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project
The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company’s systems. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/31/mercor-says-it-was-hit-by-cyberattack-tied-to-compromise-of-open-source-litellm-project/
-
AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM
Tags: ai, attack, breach, cyberattack, data, data-breach, malicious, open-source, risk, software, startup, supply-chainA recent Mercor cyberattack has brought renewed attention to the risks associated with open-source software dependencies, after the AI recruiting startup confirmed it was impacted by a broader supply chain compromise. The Mercor data breach, which is still under investigation, has been linked to a malicious incident involving the widely used LiteLLM project. First seen…
-
AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM
Tags: ai, attack, breach, cyberattack, data, data-breach, malicious, open-source, risk, software, startup, supply-chainA recent Mercor cyberattack has brought renewed attention to the risks associated with open-source software dependencies, after the AI recruiting startup confirmed it was impacted by a broader supply chain compromise. The Mercor data breach, which is still under investigation, has been linked to a malicious incident involving the widely used LiteLLM project. First seen…
-
Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project
The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company’s systems. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/31/mercor-says-it-was-hit-by-cyberattack-tied-to-compromise-of-open-source-litellm-project/
-
Popular AI gateway startup LiteLLM ditches controversial startup Delve
LiteLLM had obtained two security compliance certifications via Delve and fell victim to some horrific credential-stealing malware last week. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/30/popular-ai-gateway-startup-litellm-ditches-controversial-startup-delve/
-
Why Startup Cyber Funding Boom Creates Execution Risks
Rain Capital’s Lefort on Overcapitalization and Cybersecurity’s Barbell Effect. Cybersecurity funding hit all-time highs in 2025, rivaling the 2021 boom, said Sidra Ahmed Lefort, venture partner at Rain Capital. A barbell effect has taken hold, with capital concentrating at the earliest and latest stages while squeezing the Series cB and C middle. First seen on…
-
Why Startup Cyber Funding Boom Creates Execution Risks
Rain Capital’s Lefort on Overcapitalization and Cybersecurity’s Barbell Effect. Cybersecurity funding hit all-time highs in 2025, rivaling the 2021 boom, said Sidra Ahmed Lefort, venture partner at Rain Capital. A barbell effect has taken hold, with capital concentrating at the earliest and latest stages while squeezing the Series cB and C middle. First seen on…
-
Startups und Scaleups der Digitalwirtschaft betroffen: Bitkom kritisiert Berliner Ausbildungsplatzumlage
Tags: startupFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/digitalwirtschaft-bitkom-kritik-berlin-ausbildungsplatzabgabe
-
Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned. First seen on wired.com Jump to article: www.wired.com/story/andurils-real-war-is-with-itself/
-
Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned. First seen on wired.com Jump to article: www.wired.com/story/andurils-real-war-is-with-itself/
-
Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned. First seen on wired.com Jump to article: www.wired.com/story/andurils-real-war-is-with-itself/
-
Anduril Wants to Own the Future of War Tech. Mishaps, Delays and Challenges Abound.
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned. First seen on wired.com Jump to article: www.wired.com/story/andurils-real-war-is-with-itself/
-
Anduril Wants to Own the Future of War Tech. Mishaps, Delays and Challenges Abound.
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned. First seen on wired.com Jump to article: www.wired.com/story/andurils-real-war-is-with-itself/
-
Anduril’s Real War Is With Itself
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned. First seen on wired.com Jump to article: www.wired.com/story/andurils-real-war-is-with-itself/
-
(g+) Raus aus der Cloud: Ein Start-up auf EU-Infrastruktur? Schwieriger als gedacht!
Ja, es ist möglich, ein Start-up komplett auf europäischer Infrastruktur zu betreiben. Aber man muss es wollen. First seen on golem.de Jump to article: www.golem.de/news/europaeische-cloudinfrastruktur-made-in-eu-schwieriger-als-gedacht-2603-206865.html
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…