Tag

#SEC disclosure

24 stories taggedSEC disclosure.

Policy & Regulation

Microsoft Tightens Teams Meeting Controls for External AI Bots

A new admin policy requires organizer approval before automated external participants can join Teams meetings — a quiet but consequential shift in how enterprises govern AI access to sensitive calls.

2 min
Policy & Regulation

Behavioral AI Pitched as Answer to Identity-Abuse Phishing, But Regulators Still Set the Bar

A vendor webinar makes the case for behavioral detection against BEC and account takeover. The compliance questions sit underneath.

2 min
Vulnerabilities

Adobe Ships Emergency Fixes for Seven CVSS 10.0 Bugs in ColdFusion, Campaign Classic

Out-of-band advisories cover arbitrary code execution and privilege escalation paths. Administrators face a short remediation window before public exploit code is likely.

2 min
Threat Intelligence

WhatsApp DMs Push VBScript Loaders That Deploy Legitimate RMM Tools

An active campaign abuses WhatsApp Desktop and Web to distribute scripted droppers that install commercial remote-management software across at least ten jurisdictions.

2 min
Policy & Regulation

When Legacy Infrastructure Becomes the Soft Underbelly of Your AI Agent Stack

Governance frameworks like NIST AI RMF and the EU AI Act assume the pipes under the model are secure. They often aren't.

3 min
Breaches

Klue Confirms OAuth Token Theft as 'Icarus' Crew Stakes Public Claim

The market intelligence vendor's disclosure adds another name to the lengthening list of Salesforce-adjacent SaaS breaches tied to stolen OAuth credentials.

3 min
Policy & Regulation

Mastra npm Namespace Hit: 145 Packages Tampered After Contributor Account Hijack

Researchers tracking the 'easy-day-js' supply chain incident say a single compromised maintainer account was sufficient to push malicious versions across the @mastra/* registry footprint.

2 min
Policy & Regulation

Tailscale and OpenSSH Became a Junior Operator's Back Door After His Havoc C2 Went Dark

An intrusion at a small French auto-sector firm shows how commodity remote-access tooling defeats the assumption that killing the C2 ends the incident.

3 min
Identity & Access

MFA Alone Won't Save You: What Modern Attackers Know That Defenders Don't

A practitioner-focused webinar examines how threat actors sidestep conventional detection controls and why single-layer authentication assumptions are failing organizations.

2 min
AI Security

AI in Cybersecurity: What Security Leaders Actually Need to Know

Dozens of experts weigh in on how artificial intelligence is reshaping both offense and defense — and why the gap between the two may be widening faster than policy can close it.

2 min
Policy & Regulation

MDR's AI Reckoning: When the Old Service Model Stops Keeping Up

Managed detection and response solved a staffing problem. It is not, by itself, an answer to adversaries who automate reconnaissance and intrusion at machine speed.

3 min
Vulnerabilities

Langflow Path Traversal Flaw CVE-2026-5027 Hits CISA's Exploited List

An unauthenticated write-anywhere bug in the open-source AI builder is being abused in the wild, per VulnCheck telemetry, raising fresh questions for federal users bound by BOD 22-01 patch deadlines.

2 min
Threat Intelligence

JDY Botnet's Quiet Comeback: 1,500 SOHO and IoT Nodes Now Mapping the Internet

Researchers tie the reconstituted scanner network to China-nexus operators conducting persistent, large-scale reconnaissance against exposed services.

3 min
AI Security

Knowingly Shipping Vulnerable Code Has Become Standard Practice, Survey Finds

A Checkmarx survey of 2,350 security leaders finds nearly half of production code is AI-generated — and enterprises are deploying it despite knowing it carries unresolved flaws.

3 min
AI Security

Anthropic's Mythos Shows AI Can Find Bugs Faster Than Humans. The Bug Bounty Model May Not Survive It.

Machine-speed vulnerability discovery is no longer theoretical. The question now is whether the bounty ecosystem — and the offensive security teams inside it — are priced and structured for a world where finding flaws is the easy part.

2 min
© 2026 Threat Vectr