Google’s Big Sleep AI Tool Finds 20 Open-Source Bugs
An experimental AI tool developed by Google has identified its first set of real-world security vulnerabilities in widely used open-source projects. The tool, internally codenamed…
Month: August 2025
U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini August 06, 2025 U.S. Cybersecurity and Infrastructure…
CISA Releases Two Advisories Covering Vulnerabilities, and Exploits Surrounding ICS
CISA released two urgent Industrial Control Systems (ICS) advisories on August 5, 2025, addressing significant security vulnerabilities in critical manufacturing and energy sector systems. These…
Millions of Dell PCs at Risk from Broadcom Vulnerability Enabling Remote Hijack
Cybersecurity researchers at Cisco Talos have discovered five critical vulnerabilities in Dell’s ControlVault3 security hardware that could affect millions of business laptops worldwide. The flaws,…
Searchlight Cyber unveils AI Agent to automate dark web threat actor summaries
Searchlight Cyber has released a new AI capability that summarizes the activity of a threat actor in its dark web investigation platform, Cerberus. The Searchlight…
AI Is Transforming Cybersecurity Adversarial Testing
When Technology Resets the Playing Field In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only…
Cyber Attacks Against AI Infrastructure Are in The Rise With Key Vulnerabilities Uncovered
Cyber-criminals have gradually shifted their focus toward the high-value infrastructure that trains, tunes and serves modern artificial-intelligence models. Over the past six months, incident-response teams…
MCPoison Attack Abuses Cursor IDE to Run Arbitrary System Commands
Cybersecurity researchers have uncovered a critical vulnerability in Cursor IDE that allows attackers to execute arbitrary system commands through a sophisticated trust bypass mechanism, potentially…
Ransomware is up, zero-days are booming, and your IP camera might be next
Cyber attackers are finding new ways in through the overlooked and unconventional network corners. Forescout’s 2025H1 Threat Review reveals a surge in advanced tactics, with…
Threats Actors Poisoned Bing Search Results to Deliver Bumblebee Malware if User Searched for ‘ManageEngine OpManager’
Cybersecurity researchers have uncovered a sophisticated search engine optimization (SEO) poisoning campaign that exploited Bing search results to distribute Bumblebee malware, ultimately leading to devastating…
CISOs say they’re prepared, their data says otherwise
Most security teams believe they can act quickly when a threat emerges. But many don’t trust the very data they rely on to do so,…
Why Marcus Is Wrong About AI
My friend Marcus Hutchins put out a long, well-written, and entertaining piece about all the reasons he thinks AI is hype. I think it was…