Skip to main content

Cybersecurity

General cybersecurity news and analysis

Bipartisan lawmakers stand in a formal congressional hearing room with laptops and papers on a large wooden table.

US Lawmakers Urge Action on AI-Discovered Vulnerabilities

Thirty-five US lawmakers are urging the White House to create a plan to manage the impending flood of AI-discovered vulnerabilities, seeking a framework to handle security flaws exposed by advanced AI models. They want federal agencies and private-sector leaders to collaborate on strategies to tackle this emerging challenge.

Analyst 207
Person working on laptop in modern office setting, conveying security and technology.

Akamai Bolsters AI Browser Security with $205M LayerX Acquisition

Akamai is taking browser security to the next level with its $205 million acquisition of LayerX, a cutting-edge startup that's changing the game with its innovative approach to securing interactions between users and applications. By integrating LayerX's technology, Akamai is bolstering its security stack to protect the increasingly AI-driven and cloud-based world.

Analyst 207
Security operations center with computer workstation and servers in the background.

European Banks Face AI-Driven Cyber Threats, Urged to Accelerate Defenses

European banks are being urged to rapidly bolster their cyber defenses as AI-driven threats escalate, with the ECB's vice-chair warning that inaction is not an option. Banks must adopt bank-specific, risk-based measures and redouble efforts to identify vulnerabilities using existing AI tools.

Analyst 207
Dimly lit server room with a lone laptop displaying a brightly lit AI interface.

Enterprises Lag in Securing Autonomous AI Agents

Most organizations are struggling to keep pace with the rapid evolution of autonomous AI agents, which can introduce new risks and behaviors at machine speed. As these agents increasingly handle sensitive data, enterprises face a pressing need to update their security strategies and tools to mitigate the emerging threats of shadow AI and over-permissioned agents.

Analyst 207
Generic computer server or network equipment rack in a data center setting.

NGINX Vulnerability Exposes Servers to DoS, Potential Code Execution

A critical vulnerability, CVE-2026-42945, has been lurking in NGINX's code for 18 years, exposing servers to potential DoS attacks and code execution - and affecting a staggering third of the top-ranked websites. This heap buffer overflow flaw, rated 9.2 in severity, is a wake-up call for NGINX users to take immediate action.

Analyst 207
Person in a corporate office speaking on phone with neutral expression.

Social Engineering Exposes Vulnerability in Corporate Networks

A clever phone call can be all it takes to breach a corporate network - just ask Brandon Dixon, a former penetration tester who convinced an IT security team to hand over root access by pretending to be their boss. With a simple social engineering trick, Dixon was able to reset his "password" and gain unrestricted access to the network.

Analyst 207
Smartphone on a neutral surface with a blurred cityscape background and a subtle lock icon on the screen, conveying…

Google Unveils Spyware Forensics Tool for High-Risk Android Users

Google's new Android Intrusion Logging tool helps high-risk users detect spyware attacks by recording suspicious activity, but raises concerns about sensitive data sharing and consent. To use it effectively, users must balance protection with secure log sharing and informed consent.

Analyst 207
Control room with large screen and gauges showing unclear, gradient-like patterns.

AI Hallucinations Expose Security Risks in Critical Infrastructure

Imagine a highly confident but fundamentally flawed advisor - that's what many AI models have become, with a staggering 36 out of 40 tested models more likely to provide incorrect answers with conviction than correct ones when faced with tough questions. This unsettling trend highlights a critical vulnerability in AI systems, particularly in high-stakes industries.

Analyst 207
Government officials gather around a laptop displaying code, showing interest and concern.

House Panel Scrutinizes Anthropic's Mythos Amid Cyber Risk Concerns

A recent closed-door briefing by Anthropic showed lawmakers firsthand how its advanced AI model, Mythos, can swiftly identify and reason through software vulnerabilities, highlighting the urgent need for federal agencies to access cutting-edge US models to stay ahead of cyber threats. This live demo reinforced the importance of responsible access to advanced AI for civilian cyber defenders to find and patch vulnerabilities before they can be exploited.

Analyst 207
Office setting with computer workstations and a laptop on a desk near a window overlooking a cityscape.

UK's ICO Unveils Five-Step Plan to Counter AI-Powered Cyber Threats

Boost your organization's defenses against AI-powered cyber threats with the UK's ICO five-step plan, and build public trust by putting robust security measures in place to protect personal data. By investing in cyber resilience, you can safeguard the data you hold and foster confidence in your organization's ability to keep it secure.

Analyst 207
Windows desktop with blue screen of death on monitor surrounded by office items.

Dell SupportAssist Software Sparks Windows BSOD Crashes

Dell has confirmed that a recent update to its SupportAssist Remediation service is causing blue-screen-of-death crashes on some Windows systems, and is actively working to resolve the issue. The problematic update, version 5.5.16.0, affects many new Dell computers running Windows 10 or 11.

Analyst 207
Empty office cubicle with laptop and smartphone on desk, surrounded by blurred office equipment and natural light from a…

AI Agents Expose Organizations to Identity Security Risks

Most organizations are unwittingly rolling out AI agents that can open the door to identity security breaches, with 93% using or planning to use them for sensitive tasks like password resets and VPN access. Despite this, many admit that these agents create new vulnerabilities.

Analyst 207
Formal court interior with podium and blurred law books, backdrop for financial crime indictment.

US Indicts Suspected Dream Market Admin on Money Laundering Charges

A suspected administrator of the now-defunct Dream Market has been indicted in the US on 12 federal counts of money laundering, with the Department of Justice alleging he used cryptocurrency to buy gold bars and ship them to his home in Germany. If convicted, he faces up to 20 years in prison for each count.

Analyst 207
Close-up of Linux computer's internal components, focusing on motherboard and CPU.

Linux Kernel Vulnerability Exposes Root Access Risk via Page Cache Corruption

A newly discovered Linux Kernel vulnerability, dubbed Fragnesia, allows unprivileged local attackers to corrupt the kernel page cache and gain root access, posing a significant risk to system security. This critical flaw, tracked as CVE-2026-46300, is the third local privilege escalation vulnerability found in Linux kernel in just two weeks.

Analyst 207
Server room with web server hardware exposed, conveying vulnerability.

NGINX Flaw Enables Unauthenticated Remote Code Execution

A critical 18-year-old vulnerability, known as NGINX Rift, has been discovered in NGINX Plus and NGINX Open Source, allowing unauthenticated attackers to remotely execute code with a single crafted HTTP request. This high-severity flaw, rated 9.2 on the CVSS v4 scale, poses a significant threat to vulnerable servers.

Analyst 207
Rows of outdated servers and routers in a network operations center with technicians in the background.

Cisco CEO Warns of Growing Risk from Unpatchable Technology

Cisco CEO Chuck Robbins warns that unpatchable technology poses a growing risk, and he's turning to AI tools like Anthropic's Claude Mythos to accelerate modernization and safeguard infrastructure. By leveraging Mythos, Cisco aims to not only boost productivity but also help customers replace outdated equipment that can no longer be patched.

Analyst 207
Empty corporate office lobby with sleek reception desk and smart technology hints.

Cisco Restructures, Lays Off 4,000 Staff Amid AI-Focused Growth

Cisco is making a bold move into the AI era, restructuring its workforce to drive growth and innovation, with a commitment to supporting impacted employees through personalized learning and career development opportunities. As part of this shift, the company will provide one year of access to its top courses and certifications, covering AI, Security, Networking, and more.

Analyst 207
Brightly-lit tech company headquarters with server room interior and security hint.

AWS Discloses Flaw in Quick Access Control

AWS swiftly addressed a security flaw in Quick Access, discovered by Fog Security, which could have allowed unauthorized users to bypass access controls, and fortunately, no customer data was compromised. The issue was resolved in March 2026, with no action required from customers.

Analyst 207
Code review room with laptop and monitor on a clean desk, surrounded by empty whiteboards and a window with natural daylight.

AI-Powered Bug Hunting Spurs Surge in Patches

While AI-powered bug hunting may mean more patches and work for admins in the short term, it also means a significant boost in identifying and fixing security holes - like the 75 issues frontier models found across 130 Palo Alto Networks products. This surge in patches is a small price to pay for a major leap in cybersecurity.

Analyst 207
Futuristic cyber reasoning platform on a sleek display surrounded by blurred tech equipment.

Exaforce Secures $125M to Accelerate Real-Time Cyber Reasoning

In a world where cyber threats move at lightning speed, Exaforce founder Ankur Singla stresses that defense must too, with humans supervising while machines react in real-time. His startup's innovative platform aims to make this vision a reality with autonomous, near-instant responses to enterprise telemetry.

Analyst 207
Cybersecurity equipment and laptop in a clean room setting with natural light.

OpenAI Launches Daybreak to Bolster Cybersecurity with AI-Powered Vulnerability Detection

OpenAI's new Daybreak platform is revolutionizing cybersecurity with AI-powered vulnerability detection, empowering organizations to spot risks earlier and build resilient software from the ground up. By harnessing the power of large language models, Daybreak helps teams identify, patch, and validate software vulnerabilities faster than ever before.

Analyst 207
British Parliament building with subtle tech elements, symbolizing national security measures.

UK Plans Overhaul of Cybersecurity Law to Bolster Defenses

King Charles III has announced plans to revamp the UK's cybersecurity law, introducing a new Cyber Security and Resilience Bill to strengthen the country's defenses against growing threats from foreign state entities and their proxies. This overhaul aims to modernize Britain's cyber posture and bolster its digital security.

Analyst 207
Modern financial district with sleek skyscrapers and a laptop in the foreground.

IMF Warns AI Exacerbates Cyber Risk to Financial Stability

The International Monetary Fund warns that artificial intelligence is supercharging cyber risk, transforming it into a potential threat to global financial stability. A single vulnerability exploited across multiple institutions could have devastating consequences for the entire financial ecosystem.

Analyst 207
Vulnerable server in a data center setting with exposed network connections.

Exim Flaw Exposes Servers to Remote Code Execution

A critical flaw in Exim, tracked as CVE-2026-45185, leaves servers vulnerable to remote code execution if they're running specific builds, but thankfully, a remediation was published in Exim version 4.99.3. This vulnerability is triggered during TLS shutdown while handling certain SMTP traffic, allowing attackers to exploit it.

Analyst 207