Latest stories — Page 22

AWS Continuum Wants to Close the Gap Between AI-Generated Code and AI-Fixed Vulnerabilities
Amazon's new agentic security service promises continuous discovery, triage, and remediation. In practice, it's a bet that the same AI acceleration creating your backlog can also drain it.

Klue Breach Compromises Salesforce Data via OAuth Token Theft
Unauthorized access exposes CRM data; threat actors exploit legacy credentials.

Squidbleed: A 1997 FTP Parsing Bug Is Still Leaking Cleartext HTTP in Squid Proxies
A heap over-read disclosed by Calif.io exposes other users' requests — credentials and session tokens included — to anyone permitted to send traffic through the same proxy.

The 'Search-as-a-Service' Economy Built on Stolen Credentials
Underground brokers now sell targeted lookups against stolen credential corpora, lowering the bar for access brokers and intrusion crews alike.

OXLOADER Drops CastleStealer via Poisoned Google Ads, Researchers Say
Elastic Security Labs links the malvertising chain to a likely Russian-speaking, financially motivated operator.

Android's Identity Wall Goes Up Sept. 30, 2026 — Starting With Four Countries
Brazil, Indonesia, Singapore and Thailand are the first markets where unverified developers lose the right to install apps on certified Android devices, sideload or not.

Weekly Threat Roundup: EDR Killers, Browser Bugs, and an Android Trojan With Too Many Hands
Another week of recycled tradecraft — abused integrations, poisoned WordPress, and ransomware crews still gunning for endpoint sensors.

When Legacy Infrastructure Becomes the Soft Underbelly of Your AI Agent Stack
Governance frameworks like NIST AI RMF and the EU AI Act assume the pipes under the model are secure. They often aren't.

ShinyHunters Doesn't Need Malware. That's the Point.
The group's latest breaches are a reminder that stolen credentials and patience beat zero-days most days of the week.

Usbliter8: The iPhone Boot Exploit That Can't Be Patched
A proof-of-concept is now public for a hardware-level vulnerability that bypasses Apple's boot defenses on millions of iPhones — and there's no software fix coming.

CSIS Got a Warrant to Reach Into Canadian Routers and Kill Two Botnets
A Federal Court ruling unsealed June 15 is the first public use of CSIS threat-reduction warrant powers against infected infrastructure on Canadian soil.

War Room Debrief: How a Fictional Grocery Chain Got Crushed by APT 64
A tabletop exercise at Infosecurity Europe put ransomware, AI poisoning, and deepfake CEO videos inside a simulated supermarket attack. The blue team held the line. The red team shorted the stock anyway.

AryStinger Quietly Conscripts 4,300 Old Routers Into a Recon Proxy Fabric
Researchers say the malware skips the usual DDoS playbook and instead builds infrastructure for pre-breach reconnaissance.

CISOs Are Being Handed the Business Risk Portfolio. Most Aren't Ready.
Security chiefs at Appfire, JumpCloud, and BECU describe how they're learning to own risks that finance and operations used to call their own.

INTERPOL Flags Sharp Rise in Phishing, Ransomware and AI Scams Across Asia-Pacific
A new INTERPOL assessment maps a region where cybercrime is outpacing defensive capacity, with phishing leading the volume charts and ransomware crews exploiting the gap.

Zero Trust as the AI Control Plane: What Zscaler's Vienna Pitch Means for APAC CISOs
AI agents are joining the workforce whether security teams are ready or not. At Zenith Live 2026, Zscaler made its case for why zero trust should govern them the same way it governs humans.

Gravity SMTP Flaw Under Active Exploitation, Leaks API Keys and OAuth Tokens
CVE-2026-4020 lets unauthenticated attackers pull secrets from roughly 100,000 WordPress installs running the mail plugin.

Macron Pushes Wealthy Democracies Toward a Unified AI Regulatory Front
The French president wants the G7 crowd to stop freelancing on AI governance and start coordinating. Whether that translates into anything enforceable is a different question entirely.

Klue Confirms OAuth Token Theft as 'Icarus' Crew Stakes Public Claim
The market intelligence vendor's disclosure adds another name to the lengthening list of Salesforce-adjacent SaaS breaches tied to stolen OAuth credentials.

The Gentlemen RaaS Platform Enhances Arsenal with EDR Killer Framework
The Gentlemen's new EDR killer, 'GentleKiller', arms affiliates with advanced intrusion tools.

usbliter8 Burns a Permanent Hole in A12 and A13 SecureROM
Paradigm Shift's tethered exploit reaches code burned into the silicon, putting a years-long tail on iPhone XS through SE2 boot-chain trust.