Summer of Clearinghouses
Everyone seems to have announced a clearinghouse over the past few weeks. We did too. Ours is called Athena, and the main thing that sets it apart is that it… Read More »Summer of Clearinghouses
Your blog category
Everyone seems to have announced a clearinghouse over the past few weeks. We did too. Ours is called Athena, and the main thing that sets it apart is that it… Read More »Summer of Clearinghouses
Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public. The vulnerability, tracked as CVE-2026-50656 (CVSS score: 7.8),… Read More »Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Meta has announced that its new artificial intelligence (AI) model Muse Image lets people use public Instagram posts and reels to generate AI content, and it’s enabled by default. “You… Read More »Meta’s New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images
Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker’s code on your own machine instead. That is the finding in a proof-of-concept… Read More »Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230… Read More »Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer’s computer. The assistant asks permission to edit one… Read More »GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
Sophos looked at a week of its own endpoint data and found that AI coding agents such as Claude Code, Cursor, and OpenAI Codex are setting off detection rules written… Read More »AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers
AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that… Read More »New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware
Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS that could result in privilege escalation and arbitrary… Read More »Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS
A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using ClickFix lures. The activity cluster, tracked by Elastic Security Labs under the… Read More »SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users