A sophisticated evasion technique developed by Vidar infostealer operators successfully bypasses Google Chrome’s Application-Bound Encryption (ABE). Introduced in 2024, ABE was designed to protect browser-stored cookies and sensitive credentials. According to recent findings by Gen Threat Labs, the latest iterations…
Tag: EN
Gentlemen RaaS Unifies HexKiller, ThrottleBlood, and HavocKiller in New Evasion Suite
An analysis of the Gentlemen ransomware-as-a-service (RaaS) operation has revealed a sophisticated, centralized approach to neutralizing endpoint detection and response (EDR) solutions. This unified defense evasion framework sets the group apart in an increasingly crowded ransomware landscape, significantly lowering the…
AutoJack Exploit Chain Hits Microsoft AutoGen Studio With Zero-Click RCE Attack
A critical exploit chain dubbed AutoJack allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and silently execute arbitrary code on the host machine, requiring no user interaction beyond submitting a URL. AutoJack targets AutoGen Studio, Microsoft Research’s…
From PGP to Mythos: a brief history of export controls that didn’t stop anyone
For the last 30 years, stopping the flow of cybersecurity-related software has proven to be ineffective. It’s unclear why it would work now with Anthropic’s cybersecurity model Mythos. This article has been indexed from Security News | TechCrunch Read the…
JCPenney – 368,418 breached accounts
In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters “pay or leak” extortion campaign. Data allegedly obtained from JCPenney through the exploitation of a critical zero-day vulnerability in Oracle PeopleSoft was later published publicly. The exposed…
AutoJack – A Single Web Page Can Hijack Your AI Agent to Execute Malicious Code
A critical exploit chain dubbed AutoJack allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and execute arbitrary code on the host machine without any user interaction beyond submitting a URL. AutoJack is a three-vulnerability…
5 People You Meet In Cybersecurity – David Shipley Interviews Amy Lee
In this special Cybersecurity Today weekend interview, host David Shipley speaks with Amy Yee about leadership, resilience, and the human side of cybersecurity. Amy shares her remarkable journey from electrical engineering and venture capital to becoming the inaugural Chief Digital…
Innovator Spotlight: Centrii
Innovators Spotlight: Turning OT Cyber Risk Into a Dollar Figure With Centrii If you spend your days drowning in dashboards that are screaming red, this one is for you. The… The post Innovator Spotlight: Centrii appeared first on Cyber Defense…
Innovator Spotlight: Ensemble
Ensemble: Building Cyber Resilience Into The Revenue Cycle If you work in healthcare, you already know the punchline. Margins are thin, data is sensitive, and everyone wants to move fast… The post Innovator Spotlight: Ensemble appeared first on Cyber Defense…
Threat Brief: Mitigating Large-Scale Credential Attacks
We provide guidance for preparing for and mitigating large-scale credential attacks, focusing on recent campaigns targeting security vendors’ devices. The post Threat Brief: Mitigating Large-Scale Credential Attacks appeared first on Unit 42. This article has been indexed from Unit 42…
Encryption, spyware, and now Mythos: History shows why cyber export control doesn’t work
For the last 30 years, stopping the flow of cybersecurity-related software has proven to be ineffective. It’s unclear why it would work now with Anthropic’s cybersecurity model Mythos. This article has been indexed from Security News | TechCrunch Read the…
Android 17 Is Live on Pixel, but Samsung and Other Android Users Still Have to Wait
Android 17 is rolling out to supported Pixel devices first, while non-Pixel users and IT teams face separate OEM timelines, beta programs, and app-testing considerations. The post Android 17 Is Live on Pixel, but Samsung and Other Android Users Still…
Analysis of Reported Credential Compromise of FortiGate Devices
What you need to know about “FortiBleed”. This article has been indexed from PSIRT Blog. Read the original article: Analysis of Reported Credential Compromise of FortiGate Devices
Friday Squid Blogging: Victims of Unregulated Squid Fishing
Dolphins, sharks, turtles, and human workers are all victims of unregulated squid fishing fleets. Another news article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog…
The Department of Know: SearchLeak, Check Point zero-day, and pulling the plug on Fable
This week’s Department of Know is hosted by Rich Stroffolino, with guests Arif Hameed, CISO, C&R Software; Adam Palmer, CISO, First Hawaiian Bank; Jon Collins, Field CTO, GigaOm; and Jack Leidecker, EVP, CSO, Gainsight. Huge thanks to our sponsor, ThreatLocker. Every…
What Are AI SOC Agents? Use Cases, Architecture, and the Leading Vendors
The Alert Volume Problem That Created This Category The SANS 2025 Global SOC Survey found that 85% of SOCs trigger incident response primarily from endpoint alerts, while 42% admit to ingesting all data into their SIEM with no structured plan…
ShinyHunters targets Oracle PeopleSoft customers through critical zero-day
Oracle has issued a security alert to customers about a critical vulnerability affecting PeopleSoft environments after the notorious threat actor ShinyHunters claimed it used a previously unknown flaw to compromise over 100 entities. The vulnerability CVE-2026-35273 is in Oracle PeopleSoft…
AI-Powered Attacks Become Top Concern for Security Professionals, New Filigran Survey Reveals
AI-powered attacks are the biggest cybersecurity concern among security professionals. Forty-one percent identified AI-powered attacks at scale as their biggest security concern, nearly double the number citing supply chain risk (21%) or unknown threats (21%). AI-driven threats and what security…
Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices…
Testing Strategies for Web Development Code Generated by LLMs
Large Language Models (LLMs) can automate the development process by producing a substantial amount of web application code in just a few minutes. Nonetheless, it is important to bear in mind that these models are pattern-based and not deterministic. Work…