What Mozilla learned running an AI security bug hunting pipeline on Firefox
Over the past several months, Mozilla ran an agentic harness powered by Claude Mythos Preview across Firefox’s source code, identifying 271 security bugs that were…
Month: May 2026
Massive AI investment scam network spans 15,500 domains
Researchers tracked a large AI‑themed investment scam campaign involving more than 15,000 domains. It uses cloaking and deepfakes to hide from security tools while targeting…
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ravie LakshmananMay 07, 2026Vulnerability / Network Security Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited…
Data residency becomes the GCC’s next AI battleground
Artificial intelligence (AI) adoption across the Gulf Cooperation Council (GCC) is entering a new phase. The conversation is no longer about how to deploy AI…
CI Fortify Targets Critical Infrastructure Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new initiative called “CI Fortify” aimed at helping critical infrastructure operators prepare for disruptive…
Microsoft may shelve 2030 clean energy target
Microsoft is considering delaying or abandoning its 2030 goal of matching its entire hourly electricity use with renewable energy purchases, Bloomberg News reported, citing people familiar…
Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
Palo Alto Networks has shared some information on the exploitation of the recently disclosed zero-day vulnerability affecting some of its firewalls. The cybersecurity firm has…
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog Pierluigi Paganini May 07, 2026 The U.S. Cybersecurity…
Businesses hide vast majority of ransomware attacks, report finds
The security firm BlackFog said the number of disclosed incidents it tracked in Q1 was roughly one-tenth of the number of undisclosed incidents. Source link
American duo sentenced for hosting laptop farms for North Korean IT workers
Two U.S. nationals were sentenced to 18 months in prison for running laptop farms that facilitated North Korea’s expansive remote IT workers scheme, the Justice…
Norwegian police arrest Chinese woman on spying allegations
Authorities in Norway arrested a Chinese citizen on espionage allegations on Thursday in connection with a purported effort to set up a receiver to collect…
Why Security in 2026 Requires Continuous Threat and Exposure Management (CTEM) at Scale
Let’s be honest, the patching window just shrank to something no practitioner or organization can keep up with. Organizations now need to operate in an…