Scams now operate like real businesses with budgets and targets
Social media has overtaken email as a primary attack vector, showing changes in how people consume information and interact online, according to Bitdefender’s Global …
The security questions around Chinese AI coding models in U.S. software
Software developers across the United States are using AI models built in China to write, debug, and review code, drawn by prices below those of American alternatives. These …
Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup
Fans looking for tickets, accommodation and match broadcasts are already encountering scams tied to the 2026 FIFA World Cup. The 2026 FIFA World Cup will bring millions of …
52% of direct-to-IP threats are missing from intelligence feeds
Security tools are good at inspecting websites, domains, URLs, and files, so attackers are moving lower in the stack and communicating directly with IP addresses, where …
Most pros have seen AI hallucinations in IT operations
Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to …
OAuth marketplace apps keep access after publishers vanish
Installing an app from the Google Workspace Marketplace or GitHub Marketplace can grant a third party access to company email, files, calendars, code repositories, CI …
Known vulnerabilities behind most application security incidents
Eight in ten organizations took an application security hit during the past year tied to a vulnerability their team had already cataloged, according to a survey of 902 IT and …
Codex knowledge work expands into research, reports, and spreadsheets
Office workers in the United States lose hours each week to email triage and to searching for files spread across disconnected systems. Roughly 40 percent of US labor, about …
145 AI laws passed in 2025 and privacy teams aren’t catching a break
145 AI-related laws were enacted by state legislatures in 2025, and more than 1,000 additional bills were introduced or revised, according to DataGrail’s Privacy and AI …
Oil shipments, drone makers, and a poisoned code library targeted in recent APT campaigns
Geopolitical pressure drove much of the state-sponsored cyber activity recorded between October 2025 and March 2026, according to ESET’s latest APT Activity Report. …
Frontier AI models collapse under multi-turn AI attacks, Cisco finds
Attackers who probe large language models rarely give up after one refusal. They reframe, build context across turns, adopt personas, and escalate gradually. New research from …
Companies built AI into core systems before figuring out how to govern it
70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access to core systems, …
Featured news
Resources
Don't miss
- Prompt injection is becoming the XSS of the web agent era
- The script, not the voice, is what makes AI voice phishing work
- The five step plan that cuts security budget waste
- CISA folds its own hard-won lessons into coordinated vulnerability disclosure guidance
- Romania’s land registry hit by cyber attack, data allegedly for sale