Threat actor adds advanced ‘EDR killer’ tools to ransomware-as-a-service platform
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools […]
Microsoft broke some OLE automations with latest Windows update
Microsoft Office users may find that some of their applications are failing to open when called […]
Breaking the SOC triangle: How AI reshapes security operations trade-offs
A simple framework has always governed security operations that I call the SOC Triangle. It is […]
Security considerations for adopting Claude Code and Cowork for SMBs
You are a security leader at a small or medium-sized business (SMB), and your organization has […]
Microsoft says web-enabled AI agents can trigger host-level RCE
Microsoft is warning of a novel remote code execution (RCE) path possible through web-enabled AI agents, […]
M365 Copilot SearchLeak: Your prompt injection attack surface just got bigger
A recent proof-of-concept attack against Microsoft’s M365 Copilot Enterprise highlights what could be a much broader […]
Oracle releases 245 new security patches, all rated ‘high-priority security’
The Oracle Critical Security Patch update (CSPU) released this week contains 245 newly-announced fixes for supported […]
How does deception-based threat detection work in cloud and hybrid environments?
Key Takeaways Deception for cloud environments allows organizations to deploy realistic decoys, fake credentials and deceptive […]
Google DeepMind Roadmap Sets Security Controls for AI Agents
Google DeepMind’s AI Control Roadmap shows how advanced AI agents may need enterprise-grade safeguards, including monitoring, […]
Attackers abuse Google Ads, GitLab, and Claude to deliver malware
Threat actors are abusing trusted platforms, including Google Ads, GitLab pages, and Claude’s shared chat feature, […]