Latest stories — Page 32

OpenAI Ships ChatGPT 'Lockdown Mode' to Blunt Prompt-Injection Data Theft
The opt-in setting strips connectors and browsing tools that attackers have used to siphon data from logged-in sessions.

One-Click VS Code Flaw Exposed GitHub OAuth Tokens to Theft
A researcher-disclosed bug in Microsoft's browser-based VS Code variant let a single crafted link siphon tokens with read/write access to private repos.

Bright Data's iOS SDK Quietly Conscripts Smart TVs Into a Scraping Proxy Network
A reverse-engineering of the SDK shows how consumer apps — including always-on televisions — relay traffic for the proxy giant now courting AI customers.

CISA Flags SolarWinds Serv-U DoS Bug as Actively Exploited
CVE-2026-28318 crashes the file transfer service. Federal agencies get the usual three-week patch window.

FFmpeg Gets 21 New Bugs from an AI Fuzzer; Chrome 149 Ships a Record 429 Fixes
An autonomous agent dug up zero-days in the codec library that ships in everything. Google's browser shipped its largest single security release on record. Same week.

Miasma Self-Replicating Worm Reaches Microsoft GitHub Orgs, 73 Repos Affected
The campaign — tracked publicly as Miasma — propagated into Azure, Azure-Samples, Microsoft, and MicrosoftDocs before GitHub pulled access.

Cisco SD-WAN Manager Bug Under Active Exploit, No Fix Yet
CVE-2026-20245 affects on-prem and FedRAMP deployments. Cisco confirms exploitation in the wild while customers wait on a patch.

npm Hit by Dual Supply-Chain Campaigns: Rust Stealer With eBPF Rootkit, Self-Spreading Worm
Researchers flagged two parallel intrusions into the npm registry. One delivers a kernel-level credential scraper. The other propagates through more than 50 poisoned packages.

Microsoft Expands Its Agentic AI Failure Taxonomy With Seven New Attack Classes
From inter-agent trust escalation to MCP plugin abuse, the updated taxonomy surfaces threat categories that didn't exist — or weren't well-understood — when Microsoft published its first version.

RubyGems Adds Installation Cooldown to Bundler as Supply Chain Defense
A configurable delay before newly published gems install gives the community time to spot malicious code before it reaches developer machines.

Asin Android Spyware Surfaces in Arabic-Language Lures, ESET Says
ESET ties early-2025 campaigns to decoy sites posing as utilities, war-tracking tools and a fake government news portal.

OWASP's CVE Lite CLI Puts Dependency Scanning in the Terminal
A new OWASP Incubator project lets developers scan project dependencies for known vulnerabilities from the command line — no dashboard, no subscription, no delay.

Fuel, Chemicals, Food: CISA Warns ATG Attacks Can Drain Tanks Silently
Hardcoded credentials and unauthenticated command execution leave automated tank gauges wide open. The fix list is embarrassingly short.

900+ Fuel Tank Gauges Still Hanging Off the Public Internet
ATG systems in gas stations, hospitals, and military sites are exposed to known CVEs — and nobody owns the patch cycle.

OP-512 Cluster Hits IIS Servers With Custom Web Shell Kit, Researchers Link Activity to China
A previously unreported intrusion set is dropping a bespoke web shell framework on Microsoft IIS servers, with espionage indicators pointing toward Beijing.

Ultrahuman Data Leak, Ransomware Tradecraft, and a Browser That Mines Your CPU: The Week's Overlooked Stories
Three stories that didn't dominate the feed — a wearable-tech data exposure, a dissection of The Gentlemen ransomware, and Hola Browser quietly bundling a cryptominer.

The AI SOC Hit Production. Only 10% of Buyers Call It Excellent.
Budgets shifted fast. Outcomes lagged. What the next wave of agentic SOC tooling has to prove before renewal season.

Voluntary AI Security Rules: The Industry Already Knows What That Means
Trump's AI cybersecurity executive order drew polite applause from vendors and quiet skepticism from practitioners. The gap between those two reactions is where the real story lives.

Everest Forms Pro RCE Under Active Exploitation on WordPress Sites
CVE-2026-3300 carries a 9.8 CVSS. Attackers are using it to take over sites running unpatched versions of the premium form-builder plugin.

Five Eyes Warns: Chinese Intelligence Officers Posing as Recruiters to Harvest Government Secrets
A joint advisory flags a persistent social engineering campaign targeting personnel with access to classified material — fake job offers, real espionage.

AI Tools Surge in Ransomware Markets, Lowering Entry Barriers
Underground markets see a boom in AI-driven tools, making ransomware more accessible and profitable.