CanisterWorm’s latest evolution turns TeamPCP’s cloud-native toolkit into a geopolitically tuned wiper, capable of bricking entire Kubernetes clusters when it lands on systems configured for Iran. The campaign reuses the same Internet Computer Protocol (ICP) canister C2 and backdoor infrastructure…
Tag: EN
81-month sentence for Russian hacker behind major ransomware campaigns
U.S. sentences Russian hacker Aleksei Volkov to 81 months in prison for aiding ransomware attacks, causing over $9M in damages. A U.S. court sentenced Aleksei Olegovich Volkov to 81 months in prison for supporting ransomware groups like Yanluowang. He helped…
Team Mirai and Democracy
Japan’s election last month and the rise of the country’s newest and most innovative political party, Team Mirai, illustrates the viability of a different way to do politics. In this model, technology is used to make democratic processes stronger, instead…
Microsoft Details New Security Safeguards for Generative AI Models on Azure AI Foundry
The rapid rise of generative AI has brought new security concerns that organizations can no longer afford to overlook. Microsoft has now outlined a detailed framework of security safeguards designed to protect generative AI models hosted on its Azure AI…
Why Your Monitoring Program Is Letting Attackers Win
There is a version of threat monitoring that looks impressive on paper and fails in practice. High log ingestion volumes. Hundreds of detection rules. A dashboard full of metrics. And yet, attackers dwell in the environment for weeks or months completely…
Russian initial access broker who fed ransomware crews gets 81 months in US prison
Aleksei Volkov sentenced after enabling attacks that cost victims millions A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing…
NVIDIA puts GPU orchestration in community hands
GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, until now, remained under vendor control. NVIDIA moved to change that at KubeCon Europe in Amsterdam…
Microsoft details AI prompt abuse techniques targeting AI assistants
Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in safety instructions. Prompt injection is also recognized as one of the top risks in the 2025…
Vulnerabilities from years ago still opening doors for attackers
Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined…
Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn
An out-of-bounds read vulnerability can be exploited remotely without authentication to read sensitive information from memory. The post Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
AiStrike cuts alert noise with Continuous Detection Engineering
AiStrike has launched Continuous Detection Engineering, a capability that transforms how security operations teams manage detections, shifting from reactive alert triage to proactive, intelligence-driven optimization. The detection quality gap Security teams today are overwhelmed by alerts, but the root cause…
Protos AI delivers agent-driven threat intelligence without vendor lock-in
Protos Labs has announced the launch of a freemium edition of Protos AI, a platform that deploys specialized AI agents augmenting cyber threat intelligence (CTI) analyst teams by executing structured investigations from planning to reporting. The new tier enables security…
Check Point unveils AI Defense Plane to govern and secure enterprise AI systems
Check Point has announced the Check Point AI Defense Plane, a unified AI security control plane designed to help enterprises govern how AI is connected, deployed, and operated across the business. As AI systems move from assistants to autonomous actors…
Italy Fines UK’s Trustpilot €4m For Misleading Consumers
Italian competition regulator fines review provider Trustpilot for failing to verify reviews, obscuring information about business payments This article has been indexed from Silicon UK Read the original article: Italy Fines UK’s Trustpilot €4m For Misleading Consumers
Multiple Vulnerabilities in TP-Link Devices Enable Arbitrary Command Execution
TP-Link recently published a critical security advisory addressing four high-severity vulnerabilities in its Archer series routers. The flaws impact the Archer NX200, NX210, NX500, and NX600 models. If successfully exploited, these vulnerabilities enable threat actors to bypass authentication, execute unauthorised…
MIWIC26: Motunrayo Fransisca Ogundipe, Cybersecurity Analyst at TikTok
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2026’s Top 20 women selected…
Google Says Gemini AI Agents are Crawling the Dark Web Posts to Detect Threats
Google has officially deployed Gemini AI agents within Google Threat Intelligence to autonomously monitor dark web forums in public preview. These agents process millions of posts daily, using advanced organizational profiling to detect specific security risks like data leaks and…
Mazda Says Employee, Partner Information Stolen in Cyberattack
The hackers stole internal IDs, names, email addresses, and business partner IDs from an internal management system. The post Mazda Says Employee, Partner Information Stolen in Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
How to Enroll a Code Signing Certificate in Sectigo Certificate Manager?
The process for allowing organizations to securely create and manage certificates to digitally sign software via a Code Signing Certificate enrollment process within SCM (Sectigo Certificate Manager) is provided in this guide. This guide tells about the entire enrollment process…
Tuskira replaces centralized detection model with real-time, distributed approach
Tuskira has released its Federated Detection Engine, a new capability within its Agentic SecOps platform that enables real-time threat detection across cloud, identity, endpoint, network, SaaS, infrastructure, and legacy SIEM environments, without relying on centralized logging. Detection engineering still depends…