AI blog APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 25.4.26 | Why AI Cybersecurity Is No Longer Optional for Australian Organizations: Moving from Reactive to Predictive Defense | AI cybersecurity is crucial for Australian businesses as they face rising cyber threats. Predictive solutions help detect, prevent, and respond to attacks in real-time. | AI blog | Cyble |
| 25.4.26 | Frontier AI and the Future of Defense: Your Top Questions Answered | Over the last several weeks, Palo Alto Networks and Unit 42 have been talking with CISOs and security leaders globally to discuss the emergence of frontier AI models and their broader implications on cybersecurity. | AI blog | Palo Alto |
| 25.4.26 | It pays to be a forever student | In this newsletter, Joe discusses why understanding other disciplines can often flow back into the macro and micro of cybersecurity, especially in a world of AI. | AI blog | CISCO TALOS |
| 25.4.26 | New NGate variant hides in a trojanized NFC payment app | ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI | AI blog | Eset |
| 18.4.26 | Advances in AI model-powered exploitation have demonstrated that general-purpose AI models can excel at vulnerability discovery, even without being purpose-built for the task. Eventually, capabilities such as these will be integrated directly into the development cycle, and code will be more difficult to exploit than ever; however, this transition creates a critical window of risk. As we harden existing software with AI, threat actors will use it to discover and exploit novel vulnerabilities. | AI blog | GTI | |
| 18.4.26 | How Cyble Blaze AI Delivers 360° Threat Visibility Across Dark Web and Enterprise Systems | Cyble Blaze AI transforms cybersecurity by unifying data, predicting threats, and automating response across enterprise and dark web intelligence. | AI blog | Cyble |
| 18.4.26 | Building a last-resort unpacker with AI | Exploring how AI can assist in unpacking protected binaries, recovering payloads from unsupported packers, while reducing repetitive analysis | AI blog | GENDIGITAL |
| 18.4.26 | Identity Protection in the AI Era | Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise. | AI blog | Trend Micro |
| 11.4.26 | We let OpenClaw loose on an internal network. Here’s what it found | “Even the most ‘risk-on’ organizations with deep AI and security experience, will likely find it challenging to configure OpenClaw in a way that effectively mitigates the risk of compromise or data loss, while still retaining any productivity value.” | AI blog | SOPHOS |
| 11.4.26 | When Geopolitical Conflict Spills into Cyberspace — How US Organizations Should Respond | The 2026 Iran-US-Israel escalation shows how cyber warfare attacks are reshaping conflict, merging cyber warfare attacks with kinetic operations AI. | AI blog | Cyble |
| 11.4.26 | Dual-Brain Architecture: The Cybersecurity AI Innovation That Changes Everything | Agentic AI architecture enables dual-brain cybersecurity with predictive intelligence, autonomous response, and faster, smarter threat defense. | AI blog | Cyble |
| 11.4.26 | TrendAI Insight: New U.S. National Cyber Strategy | TrendAI reviews the White House National Cyber Strategy, outlining six pillars to strengthen U.S. cybersecurity—from deterrence and regulation to federal modernization, critical infrastructure protection, AI leadership, and workforce development. | AI blog | Trend Micro |
| 11.4.26 | GPT Academic Pickle Deserialization Remote Code Execution | GPT Academic Pickle Deserialization Remote Code Execution(CVE-2026-0763) | AI blog | SonicWall |
| 11.4.26 | Double Agents: Exposing Security Blind Spots in GCP Vertex AI | Artificial intelligence (AI) agents are quickly advancing into powerful autonomous systems that can perform complex tasks. These agents can be integrated into enterprise workflows, interact with various services and make decisions with a degree of independence. Google Cloud Platform’s Vertex AI, with its Agent Engine and Application Development Kit (ADK), provides a comprehensive platform for developers to build and deploy these sophisticated agents. | AI blog | Palo Alto |
| 11.4.26 | When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications | Multi-agent AI systems extend beyond single-agent architectures by enabling groups of specialized agents to collaborate on complex tasks. This approach improves functionality and scalability, but it also expands the attack surface, introducing new pathways for exploitation through inter-agent communication and orchestration. | AI blog | Palo Alto |
| 11.4.26 | As breakout time accelerates, prevention-first cybersecurity takes center stage | Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy. | AI blog | Eset |
| 4.4.26 | How Cyble Blaze AI Predicts Cyber Threats 6 Months in Advance Using Agentic Intelligence | Predictive Cybersecurity with Cyble Blaze AI uses agentic AI to forecast threats months ahead and automate faster, smarter responses. | AI blog | Cyble |
| 4.4.26 | Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads | A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks. | AI blog | Trend Micro |
| 4.4.26 | GPT Academic Pickle Deserialization Remote Code Execution | SonicWall Capture Labs threat research team became aware of the threat CVE-2026-0763, assessed its impact, and developed mitigation measures for this vulnerability. The flaw, also tracked as ZDI-26-029, is a critical unauthenticated remote code execution vulnerability affecting GPT Academic in versions 3.91 and earlier. | AI blog | SonicWall |
| 4.4.26 | Double Agents: Exposing Security Blind Spots in GCP Vertex AI | Artificial intelligence (AI) agents are quickly advancing into powerful autonomous systems that can perform complex tasks. These agents can be integrated into enterprise workflows, interact with various services and make decisions with a degree of independence. Google Cloud Platform’s Vertex AI, with its Agent Engine and Application Development Kit (ADK), provides a comprehensive platform for developers to build and deploy these sophisticated agents. | AI blog | Palo Alto |
| 4.4.26 | ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime | Sensitive data shared with ChatGPT conversations could be silently exfiltrated without the user’s knowledge or approval. | AI blog | CHECKPOINT |
| 28.3.26 | The Agentic AI Attack Surface: Prompt Injection, Memory Poisoning, and How to Defend Against Them | Prompt injection attacks are reshaping agentic AI risk. Discover how they exploit reasoning layers and how to defend against evolving AI threats. | AI blog | Cyble |
| 28.3.26 | Your AI Stack Just Handed Over Your Root Keys: Inside the litellm PyPI Breach | Litellm PyPI breach explained: malicious versions steal cloud credentials, SSH keys, and Kubernetes secrets. Learn impact and urgent mitigation steps. | AI blog | Trend Micro |
| 28.3.26 | RSAC 2026 wrap-up – Week in security with Tony Anscombe | This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with | AI blog | Eset |
| 21.3.26 | AI-Powered Cyber Warfare: How Autonomous Attack Agents Are Changing the Threat Landscape | Autonomous attack agents and AI-driven malware are reshaping cyber warfare—making attacks faster, smarter, and harder to stop than ever before. | AI blog | Cyble |
| 21.3.26 | AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data | Cyble analyzes an AI-driven phishing campaign that abuses browser permissions to capture victims images and exfiltrate the data to attacker-controlled Telegram bots. | AI blog | Cyble |
| 21.3.26 | Analyzing the Current State of AI Use in Malware | Unit 42 researchers searched through open-source intelligence (OSINT) and our internal telemetry for potential signs of malware made to any degree with large language models (LLMs). This includes either using LLMs to create the malware entirely or to assist with their functionality. This article examines two samples, both of which originated from our OSINT hunts. | AI blog | Palo Alto |
| 21.3.26 | Open, Closed and Broken: Prompt Fuzzing Finds LLMs Still Fragile Across Open and Closed Models | Unit 42 researchers have developed a genetic algorithm-inspired prompt fuzzing method to automatically generate variants of disallowed requests that preserved their original meaning. This method also measures guardrail fragility under systematic rephrasing. | AI blog | Palo Alto |
| 14.3.26 | TrendAI™ at [un]prompted 2026: From KYC Exploits to Agentic Defense | At [un]prompted 2026, TrendAI™ demonstrated how documents can be used to exploit AI-driven KYC pipelines and introduced FENRIR, an automated system for discovering AI vulnerabilities at scale. | AI blog | Trend Micro |
| 14.3.26 | Auditing the Gatekeepers: Fuzzing "AI Judges" to Bypass Security Controls | As organizations scale AI operations, they increasingly deploy AI judges — large language models (LLMs) acting as automated security gatekeepers to enforce safety policies and evaluate output quality. Our research investigates a critical security issue in these systems: They can be manipulated into authorizing policy violations through stealthy input sequences, a type of prompt injection. | AI blog | Palo Alto |
| 14.3.26 | Agentic AI security: Why you need to know about autonomous agents now | There are many benefits and security risks of deploying agentic AI within organizations. This blog emphasizes the importance of robust risk management and threat modeling to defend against both internal operational errors and potential malicious exploitation. | AI blog | CISCO TALOS |
| 7.3.26 | AI as tradecraft: How threat actors operationalize AI | Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups such as Jasper Sleet and Coral Sleet (formerly Storm-1877). | AI blog | Microsoft blog |
| 7.3.26 | CISOs in a Pinch: A Security Analysis of OpenClaw | Learn how Claude Code Security set Cybersecurity stocks on fire. | AI blog | Trend Micro |
| 7.3.26 | Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild | Large language models (LLMs) and AI agents are becoming deeply integrated into web browsers, search engines and automated content-processing pipelines. While these integrations can expand functionality, they also introduce a new and largely underexplored attack surface. | AI blog | Palo Alto |
| 7.3.26 | This month in security with Tony Anscombe – February 2026 edition | In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools | AI blog | Eset |
| 28.2.26 | Our report on adversarial misuse of AI highlights model extraction, augmented attacks, and new AI-enabled malware. | AI blog | GTI | |
| 21.2.26 | Counterfeit Network Gear Creates Cyber Risk in Critical Infrastructure | As the supply chain for information technology components and raw materials is squeezed by the AI boom, the secondary market is heating up, and introducing new cyber risk into the IT supply chain. | AI blog | Eclypsium |
| 21.2.26 | India’s AI Revolution: Why This Is India’s Most Significant Moment | Beenu Arora outlines India’s AI moment, rising deepfake and phishing threats, and why AI security must evolve alongside innovation and scale. | AI blog | Cyble |
| 21.2.26 | Strategic AI for Preemptive Cyber Defense and Attacker Cost Imposition | Modern AI security tools are heavily focused on reducing operational bottlenecks. It might help analysts clear an alert queue faster or prioritize which fires to put out first. While these efforts are valuable for efficiency, they don’t fundamentally change the game; they just help teams react more effectively to attacks that have already breached the perimeter. | AI blog | Silent Push |
| 21.2.26 | Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants | OpenClaw (aka Clawdbot or Moltbot) represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm. | AI blog | Trend Micro |
| 21.2.26 | AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future Of AI Driven Attacks | Check Point Research (CPR) has discovered that certain AI assistants that support web browsing or URL fetching can be abused as covert command-and-control relays (“AI as a proxy”), allowing attacker traffic to blend seamlessly into legitimate, commonly permitted enterprise communications. | AI blog | CHECKPOINT |
| 21.2.26 | Using AI to defeat AI | In this week’s newsletter Martin considers how defenders can turn offensive AI tools against themselves. | AI blog | CISCO TALOS |
| 14.2.26 | When AI Secrets Go Public: The Rising Risk of Exposed ChatGPT API Keys | Cyble’s research reveals the exposure of ChatGPT API keys online, potentially enabling large‑scale abuse and hidden AI risk. | AI blog | Cyble |
| 14.2.26 | Hand over the keys for Shannon’s shenanigans | In this week’s newsletter, Amy examines the rise of Shannon, an autonomous AI penetration testing tool, and what it means for security teams and risk management. | AI blog | CISCO TALOS |
| 13.2.26 | GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use | In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (AI) to accelerate the attack lifecycle, achieving productivity gains in reconnaissance, social engineering, and malware development. This report serves as an update to our November 2025 findings regarding the advances in threat actor usage of AI tools. | AI blog | GTI |
| 7.2.2026 | Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants | OpenClaw (aka Clawdbot or Moltbot) represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradigm. | AI blog | Trend Micro |
| 7.2.2026 | FlowiseAI Custom MCP Node Remote Code Execution | SonicWall Capture Labs threat research team became aware of the threat CVE-2025-59528, assessed its impact, and developed mitigation measures for this vulnerability. CVE-2025-59528, also known as Flowise CustomMCP Code Injection, is a critical remote code execution vulnerability affecting FlowiseAI Flowise in versions >= 2.2.7-patch.1 and < 3.0.6. | AI blog | SonicWall |
| 7.2.2026 | All gas, no brakes: Time to come to AI church | This week, Joe cautions the rush to adopt AI tools rife with truly awful security vulnerabilities. | AI blog | CISCO TALOS |
| 1.2.26 | Generative AI and cybersecurity: What Sophos experts expect in 2026 | AI has dominated cybersecurity headlines for years, but as we enter 2026, the conversation is shifting from hype to hard realities. Across incident response, threat intelligence, and security operations, Sophos experts see clearer signals of where AI is truly making an impact. For IT teams already stretched thin, this isn’t theoretical — it’s reshaping daily decisions. | AI blog | SOPHOS |
| 1.2.26 | The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time | Imagine visiting a webpage that looks perfectly safe. It has no malicious code, no suspicious links. Yet, within seconds, it transforms into a personalized phishing page. | AI blog | Palo Alto |
| 1.2.26 | Children and chatbots: What parents should know | As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development | AI blog | Eset |
| 24.1.26 | Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware | TrendAI™ Research provides a technical analysis of a compromised EmEditor installer used to deliver multistage malware that performs a range of malicious actions. | AI blog | Trend Micro |
| 24.1.26 | Introducing ÆSIR: Finding Zero-Day Vulnerabilities at the Speed of AI | TrendAI™’s ÆSIR platform combines AI automation with expert oversight to discover zero-day vulnerabilities in AI infrastructure – 21 CVEs across NVIDIA, Tencent, and MLflow since mid-2025. | AI blog | Trend Micro |
| 24.1.26 | KONNI Adopts AI to Generate PowerShell Backdoors | Check Point Research (CPR) is tracking a phishing campaign linked to a North Korea–aligned threat actor known as KONNI. | AI blog | |
| 17.1.26 | Remote Code Execution With Modern AI/ML Formats and Libraries | We identified vulnerabilities in three open-source artificial intelligence/machine learning (AI/ML) Python libraries published by Apple, Salesforce and NVIDIA on their GitHub repositories. Vulnerable versions of these libraries allow for remote code execution (RCE) when a model file with malicious metadata is loaded. | AI blog | Palo Alto |
| 17.1.26 | When AI Gets Bullied: How Agentic Attacks Are Replaying Human Social Engineering | December closed out 2025 with a clear signal that AI risk, capability, and governance are evolving faster than ever. Updated CASI and ARS leaderboards showed a notable shift at the top, with GPT-5.2 delivering an 11-point security improvement over GPT-5.1, while NVIDIA’s latest model demonstrated that strong performance and efficiency are increasingly attainable outside the traditional hyperscaler ecosystem. | AI blog | F5 |
| 10.1.26 | Winning the AI War: Why Preemptive Cyber Defense is the Only Viable Countermeasure for CISOs | The escalation of AI-driven cyber threats has fundamentally broken the traditional security lifecycle. For decades, the industry has operated on a reactive cadence: an attack occurs, indicators are gathered, and defenses are updated. This model assumes that defenders have time to react. | AI blog | Silent Push |
| 10.1.26 | Executive Summary The OPCOPRO “Truman Show” operation is a fully synthetic, AI‑powered investment scam that ... | AI blog | CHECKPOINT | |
| 10.1.26 | Securing Vibe Coding Tools: Scaling Productivity Without Scaling Risk | The promise of AI-assisted development, or “vibe coding,” is undeniable: unprecedented speed and productivity for development teams. In a landscape defined by complex cloud-native architectures and intense demand for new software, this force multiplier is rapidly becoming standard practice. | AI blog | Palo Alto |