Latest stories — Page 31

AI Security

Geordie Lands $30M to Tackle AI Security and Governance

Balderton Capital leads a Series A into the AI governance startup, joined by Crosspoint Capital and returning backers General Catalyst and Ten Eleven Ventures.

2 min
Vulnerabilities

Patched FortiClient EMS Flaw Still a Live Attack Vector for Credential Theft

Attackers are piggybacking on Fortinet's endpoint management tooling to push infostealers disguised as legitimate agent updates.

2 min
Policy & Regulation

Microsoft Reasserts Coordinated Disclosure Norms After Researcher Drops Zero-Days

Redmond is invoking CVD principles after a researcher publicly posted unpatched flaws, raising fresh questions about the boundary between disclosure ethics and platform enforcement.

2 min
Identity & Access

When 'Minor Foothold' Means Full Account Takeover: The Week IAM Bent the Wrong Way

A Claude security plugin, an Azure privilege-escalation chain, and a Kali365 MFA bypass all land in the same news cycle. Identity is still the soft underbelly.

2 min
Vulnerabilities

FortiClient EMS Flaw Sees Fresh Exploitation After April Hotfix

Attackers are still hitting a critical FortiClient EMS vulnerability that Fortinet patched — and flagged as actively exploited — months ago.

2 min
Cloud Security

The Real Bottleneck in Network Incidents Isn't Detection — It's Everything After

Monitoring catches the spike in seconds. Then the Slack thread starts, and the clock keeps running.

3 min
Cloud Security

IBM and Red Hat Pledge $5 Billion to Lock Down Open Source Supply Chains via Project Lightwell

The initiative targets a deceptively hard problem: patching vulnerabilities in open source dependencies without breaking production workloads that millions of systems depend on.

2 min
AI Security

Enterprise AI Risk Concentrates in a Sliver of Power Users, Report Finds

A new visibility study says the bulk of corporate AI exposure traces back to a thin slice of heavy users — most of it invisible to security teams.

3 min
AI Security

French Startup Edamame Builds Runtime Watch for AI Coding Agents

The platform uses host telemetry and AI analysis to flag intent drift, secret theft, and supply-chain interference — in real time, before the damage lands.

2 min
AI Security

Exploitation Industrialized: Navigating the New AI Battlefield

AI-driven attacks are reshaping the security landscape. Are defenders ready to adapt?

2 min
AI Security

You Can't Audit What You Can't See: The Agent Governance Hole Nobody Wants to Talk About

Enterprises are shipping AI agents into production without inventories, without trace pipelines, and without a coherent answer to a basic question: what is this thing actually doing?

3 min
Threat Intelligence

JINX-0164 Runs Fake-Recruiter Playbook Against Crypto Firms, Drops Custom macOS Malware

A newly catalogued threat actor is courting engineers at cryptocurrency companies with bogus job offers, then pivoting into CI/CD systems to siphon digital assets.

2 min
AI Security

Your Hiring Process Is Now a Weapons Financing Loophole

North Korea and Iran are using AI to manufacture legitimacy at scale. The threat isn't a genius hacker. It's industrialized paperwork.

3 min
AI Security

Microsoft's New Device Isolation in Defender: A Double-Edged Sword?

Microsoft introduces automatic device isolation in Defender for Endpoint, but potential risks loom.

2 min
Cloud Security

The Data You Don't Know You Have Is the Data That Will Burn You

DSPM tools are selling fast and consolidating faster — here's why security teams are scrambling to find the data they forgot existed.

3 min
AI Security

Cisco Uncovers Major Weaknesses in Leading AI Models

Relying solely on single-turn benchmarks could mislead your AI security assessments.

2 min
AI Security

AI's Role in the Battle of Stolen Credentials

Security teams grapple with AI-driven credential abuse, leaving many playing catch-up.

2 min
AI Security

SymJack: How a Rogue Symlink Turns Your AI Coding Agent Into a Supply Chain Weapon

A newly documented attack technique exploits AI coding agents through malicious repositories and disguised symlinks, silently planting attacker-controlled MCP servers deep inside developer environments.

3 min
AI Security

AI Risk Summit Returns August 11–12 at Half Moon Bay for Its Third Year

CISOs, policymakers, and AI researchers converge on the Ritz-Carlton for two days of hard conversation about what enterprise AI risk actually looks like in practice.

2 min
Vulnerabilities

Account Takeover Flaw in Pretalx CFP Tool Let Attackers Accept Any Conference Talk

An account takeover vulnerability in the open-source call-for-papers platform Pretalx could allow an unauthenticated attacker to manipulate submission outcomes, researchers at Novee have found.

3 min
AI Security

Microsoft Catches Chatbots Pointing Users at Cryptojacking Sites

A campaign tracked by Microsoft Defender Experts is poisoning AI assistant answers so that download recommendations lead to miner-laden installers.

2 min
© 2026 Threat Vectr