IT teams aren’t equipped to stop rogue AI agents
Dive Brief: AI agents are involved in 40% of insider cybersecurity threats, according to a report by managed security service provider Akati Sekurity. Non-human identities outnumber humans…
Month: January 2026
Researchers Detailed r1z Initial Access Broker OPSEC Failures
U.S. authorities have pulled back the curtain on “r1z,” an initial access broker who quietly sold gateways into corporate networks around the world. Operating across…
Critical Vivotek Flaw Enables Remote Arbitrary Code Execution
Akamai’s Security Intelligence and Response Team (SIRT) uncovered a serious command injection vulnerability in legacy Vivotek IoT camera firmware. Tracked as CVE-2026-22755, the flaw lets…
DWP review of Post Office worker prosecutions yet to start, months after announcement
The Department for Work and Pensions (DWP) has yet to formally launch its review of prosecutions of subpostmasters, despite it being announced in August 2025,…
Why Active Directory password resets are surging in hybrid work
Back when everyone worked in the office, password resets were annoying but manageable. If someone forgot their credentials, they walked down the hall to IT…
Malicious PyPI Package Mimic as Popular Sympy-Dev to Attack Millions of Users
A new malicious package on the Python Package Index (PyPI), named sympy-dev, has been caught impersonating the widely used SymPy library to deliver cryptomining malware. SymPy…
New Osiris Ransomware Leverages Living Off the Land and Dual-Use Tools in Attacks
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky…
Obsidian Security unveils end-to-end SaaS supply chain security to stop integration-led breaches
Obsidian Security announced end-to-end SaaS supply chain security solution, empowering organizations to monitor, control and contain the security risk hiding inside interconnected SaaS ecosystems. Companies…
Sportswear firm Under Armour falls victim to data breach
Customers of US-based sportswear giant Under Armour have been warned to be on high alert after details of approximately 72.7 million shoppers appeared online this…
Microsoft updates Notepad and Paint with more AI features
Microsoft is rolling out new artificial intelligence features with the latest updates to the Notepad and Paint apps for Windows 11 Insiders. These changes are…
New ClickFix Campaign Hijacks Facebook Sessions Using Fake Verification Pages
Attackers have launched a widespread campaign called ClickFix that steals Facebook account credentials by tricking users into handing over their session tokens. Rather than using…
ClearFake malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature
A sophisticated evolution of the ClearFake malware campaign has emerged, deploying advanced evasion techniques that abuse legitimate Windows components to bypass endpoint detection systems. The…