Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
The company has developed a platform that uses specialized AI agents to inspect every incoming message.
The post Ocean Emerges From Stealth With $28M for Agentic Email Security Platform appeared first on SecurityWeek.
The company blocked over 1.1 billion accounts and $2.2 billion in potentially fraudulent transactions.
The post Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention appeared first on SecurityWeek.
The company will invest in its firewall, certified patches, protection extensions, new products, and team expansion.
The post Socket Raises $60 Million at $1 Billion Valuation appeared first on SecurityWeek.
New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking.
The post Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility appeared first on SecurityWeek.
The exploitation is mitigated by preventing the FsTx Auto Recovery Utility from starting when the WinRE image launches.
The post Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass appeared first on SecurityWeek.
Digital.ai’s latest threat report warns that agentic AI has erased the distinction between emerging and primary targets, enabling attackers to strike mobile apps within hours of release across every industry.
The post AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop appeared first on SecurityWeek.
Good report:
Executive Summary: Let’s say you wanted to make sure that your AI is secure. Can you just maximize the security and privacy benchmark and call it a day? Nope, because benchmarks don’t actually work for measuring AI capabilities (even when they are NOT emergent systemic properties like security). So let’s take a step back: how do you measure security in the first place? Good question. Over the last 30 years, security engineering for software evolved from black box penetration testing, through whitebox code analysis and architectural risk analysis to de facto process-driven standards like the Building Security In Maturity Model (BSIMM). Software had a very deep impact on business operations, and it appears that AI is going to have an even deeper impact. Will a software security-like measurement move work for AI? Probably. In the meantime we can make real progress in AI security by cleaning up our WHAT piles and managing risk by identifying and applying good assurance processes. (Spoiler alert: no matter what we do, we still don’t get a security meter for AI, so we need to be extra vigilant about security.)
A compromised maintainer account was used to publish malicious package versions across the @antv namespace.
The post Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack appeared first on SecurityWeek.
Learn how AI transforms cybersecurity through enhanced threat detection, new attack methods, model vulnerabilities, and the evolving skills teams need in 2026.
The post Top AI Risks Every Security Team Should Be Testing For appeared first on OffSec.
Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based attack chains.
The post Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks appeared first on SecurityWeek.
Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root.
The post PoC Released for DirtyDecrypt Linux Kernel Vulnerability appeared first on SecurityWeek.