News

GOLD SALEM’s Warlock operation joins busy ransomware landscape

Bys s September 17, 2025

The emerging group demonstrates competent tradecraft using a familiar ransomware playbook and hints of ingenuity

News

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Bys s January 11, 2025

Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop

Read More Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
News

Ivanti Patches Critical Vulnerabilities in Endpoint Manager
Bys s January 15, 2025

Ivanti has released patches for multiple vulnerabilities in Endpoint Manager (EPM), including four critical-severity flaws. The post Ivanti Patches Critical Vulnerabilities in Endpoint Manager appeared first on SecurityWeek.

Read More Ivanti Patches Critical Vulnerabilities in Endpoint Manager
News

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Bys s May 5, 2026

Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your perimeter controls don’t see it. Your MFA doesn’t stop it. And when an attacker gets…

Read More The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
Bys s January 13, 2026

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0 “This issue […] could enable an unauthenticated user to…

Read More ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
News

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
Bys s April 16, 2026

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which was observed between March and April

Read More UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
News

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Bys s May 13, 2026

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it’s being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different…

Read More Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Similar Posts