The AI security race needs accountability, not overregulation
AI models such as Anthropic’s Claude Mythos and OpenAI’s Daybreak represent a fundamental inflection point in security. These advances are not only reshaping technology but…
Author: Cybernoz
15 tough cybersecurity questions every CISO must answer
“Nonhuman identities are an emerging frontier of cyber risk, and many traditional identity governance tools have not yet evolved to address them. As organizations adopt…
Dragos applies Claude Mythos Preview to uncover vulnerabilities in OT security software
Industrial cybersecurity firm Dragos has joined Anthropic’s Project Glasswing, applying Claude Mythos Preview to explore its own products for novel vulnerabilities. The work will help…
White House unveils AI security strategy focused on frontier models, cyber defense, critical infrastructure protection
Following last week’s release of an executive order aimed at strengthening the cybersecurity posture of government and private-sector systems in an era of increasingly advanced…
Hiding in Plain Sight: Part 2
We recently uncovered a really peculiar piece of malware, which we’ve jokingly referred to as “the gift that keeps on giving.” And the more we…
Over 20,000 Instagram accounts stolen in Meta AI support hack
Meta has revealed that over 20,000 Instagram users had their accounts hijacked in a recent incident where attackers used Meta’s AI-powered support system to reset passwords.…
Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts
Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several related products, warning that authenticated attackers could inject malicious…
All the Ways Europe Is Ditching American Technology
Europe is done with American Big Tech. Well, sort of. Since the start of President Donald Trump’s chaotic second administration last year, concerned governments and…
Instagram Patches Account Recovery Flaw Leaking User Contact Information
A critical logic flaw in Instagram’s web-based account recovery workflow exposed unredacted user contact information, including full email addresses and phone numbers, before Meta rapidly…
DockSec: Open-source AI-powered Docker security scanner
DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the…
A week in security (June 1 – June 7)
Last week on Malwarebytes Labs: Stay safe! Let’s face it, an incognito window can only do so much. Breaches, dark web trading, credit fraud. Malwarebytes Identity Theft…
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Ravie LakshmananJun 08, 2026Software Supply Chain / Malware Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for…