| DATE | NAME | Info | CATEG. | WEB |
|---|---|---|---|---|
| 7.2.2026 | Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants | OpenClaw (aka Clawdbot or Moltbot) represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm. | AI blog | Trend Micro |
| 7.2.2026 | FlowiseAI Custom MCP Node Remote Code Execution | SonicWall Capture Labs threat research team became aware of the threat CVE-2025-59528, assessed its impact, and developed mitigation measures for this vulnerability. CVE-2025-59528, also known as Flowise CustomMCP Code Injection, is a critical remote code execution vulnerability affecting FlowiseAI Flowise in versions >= 2.2.7-patch.1 and < 3.0.6. | AI blog | SonicWall |
| 7.2.2026 | All gas, no brakes: Time to come to AI church | This week, Joe cautions the rush to adopt AI tools rife with truly awful security vulnerabilities. | AI blog | CISCO TALOS |
| 1.2.26 | Generative AI and cybersecurity: What Sophos experts expect in 2026 | AI has dominated cybersecurity headlines for years, but as we enter 2026, the conversation is shifting from hype to hard realities. Across incident response, threat intelligence, and security operations, Sophos experts see clearer signals of where AI is truly making an impact. For IT teams already stretched thin, this isn’t theoretical — it’s reshaping daily decisions. | AI blog | SOPHOS |
| 1.2.26 | The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time | Imagine visiting a webpage that looks perfectly safe. It has no malicious code, no suspicious links. Yet, within seconds, it transforms into a personalized phishing page. | AI blog | Palo Alto |
| 1.2.26 | Children and chatbots: What parents should know | As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development | AI blog | Eset |
| 24.1.26 | Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware | TrendAI™ Research provides a technical analysis of a compromised EmEditor installer used to deliver multistage malware that performs a range of malicious actions. | AI blog | Trend Micro |
| 24.1.26 | Introducing ÆSIR: Finding Zero-Day Vulnerabilities at the Speed of AI | TrendAI™’s ÆSIR platform combines AI automation with expert oversight to discover zero-day vulnerabilities in AI infrastructure – 21 CVEs across NVIDIA, Tencent, and MLflow since mid-2025. | AI blog | Trend Micro |
| 24.1.26 | KONNI Adopts AI to Generate PowerShell Backdoors | Check Point Research (CPR) is tracking a phishing campaign linked to a North Korea–aligned threat actor known as KONNI. | AI blog | |
| 17.1.26 | Remote Code Execution With Modern AI/ML Formats and Libraries | We identified vulnerabilities in three open-source artificial intelligence/machine learning (AI/ML) Python libraries published by Apple, Salesforce and NVIDIA on their GitHub repositories. Vulnerable versions of these libraries allow for remote code execution (RCE) when a model file with malicious metadata is loaded. | AI blog | Palo Alto |
| 17.1.26 | When AI Gets Bullied: How Agentic Attacks Are Replaying Human Social Engineering | December closed out 2025 with a clear signal that AI risk, capability, and governance are evolving faster than ever. Updated CASI and ARS leaderboards showed a notable shift at the top, with GPT-5.2 delivering an 11-point security improvement over GPT-5.1, while NVIDIA’s latest model demonstrated that strong performance and efficiency are increasingly attainable outside the traditional hyperscaler ecosystem. | AI blog | F5 |
| 10.1.26 | Winning the AI War: Why Preemptive Cyber Defense is the Only Viable Countermeasure for CISOs | The escalation of AI-driven cyber threats has fundamentally broken the traditional security lifecycle. For decades, the industry has operated on a reactive cadence: an attack occurs, indicators are gathered, and defenses are updated. This model assumes that defenders have time to react. | AI blog | Silent Push |
| 10.1.26 | | Executive Summary The OPCOPRO “Truman Show” operation is a fully synthetic, AI‑powered investment scam that ... | AI blog | CHECKPOINT |
| 10.1.26 | Securing Vibe Coding Tools: Scaling Productivity Without Scaling Risk | The promise of AI-assisted development, or “vibe coding,” is undeniable: unprecedented speed and productivity for development teams. In a landscape defined by complex cloud-native architectures and intense demand for new software, this force multiplier is rapidly becoming standard practice. | AI blog | Palo Alto |