Threat feeds, vulnerability disclosures, AI security research, and model updates — curated for security engineers and developers.
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the PLC, reconfigure, rename, delete, perform file transfers, and make remote procedure calls. The following versions of…
View CSAF Summary Successful exploitation of this vulnerability could allow a low privileged remote attacker to manipulate register values, which would result in too much or too little odorant being injected into a gas line. The following versions of GPL Odorizers GPL750 are…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability This type of vulnerability is a frequent attack vector for…
Ransomware will never die, will it? In fact, it’s more powerful than ever thanks to GenAI and creative operators that evolve techniques to generate profit. The post Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI appeared first on Security…
The technological trajectory is clear: Hash-based systems anchored in the National Center for Missing and Exploited Children (“NCMEC”) database remain highly effective for identifying known CSAM, but they are structurally incapable of addressing synthetic, modified, or…
The Cloud Security Alliance’s MythosReady report offers a calm, rational roadmap for navigating the AI-driven vulnerability surge. But two critical questions about exploit automation and the painful transition ahead deserve more attention. The post The Vuln Surge is Coming. CSA…
Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities. The model will be used by a small set of…
Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor…
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every…
Google doesn’t train Gemini using personal emails. Here’s how Google keeps private data secure in Gmail amid new AI model…
Google is introducing two new inference tiers to the Gemini API, Flex and Priority, to balance cost and…
Veo 3.1 Lite is now available in paid preview through the Gemini API and for testing in Google AI…