Infostealers Turn Millions of Devices Into Credential Theft Machines
Hackers no longer force open the side-window when infostealers can give them a key to the front door. Infostealers have become the primary source of…
Category: SecurityWeek
After AI Reaches Production: 12 Ways Security Teams Can Take Control
In my previous column, I offered some suggestions to help security teams avoid being blindsided when AI applications are moved into production. In this piece,…
No Patch Planned for Exploited Arista EOS Vulnerability
Hackers have been exploiting a vulnerability in Arista Extensible Operating System (EOS) as a zero-day that will not be patched. Arista EOS is a modular,…
Adobe Patches 123 Vulnerabilities – SecurityWeek
Adobe’s latest Patch Tuesday updates fix 123 vulnerabilities across 11 products. Of the total, 57 vulnerabilities were patched in Adobe Experience Manager. The vast majority…
Microsoft Patches 200 Vulnerabilities – SecurityWeek
Microsoft’s June 2026 Patch Tuesday updates fix roughly 200 vulnerabilities discovered in the company’s products. None of the flaws addressed this month appears to have…
Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation
Anthropic says its Claude Mythos Preview model can build working exploits targeting known vulnerabilities within hours, or even minutes. Announced in early April and promoted…
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
New iterations of the Shai-Hulud supply chain attack have hit over 100 packages across the NPM and PyPI ecosystems, security researchers warn. Since September 2025,…
Google Patches 5th Chrome Zero-Day Exploited in 2026
Google on Monday announced a Chrome 149 update that patches 74 vulnerabilities, including a zero-day that has been exploited in the wild. The exploited vulnerability…
WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
Meta-owned communications app WhatsApp says it recently detected and disrupted a spear-phishing attempt linked to spyware company NSO Group. The attack is allegedly in defiance…
A Security Raises $37 Million for Autonomous Offensive Security Platform
A Security emerged from stealth mode on Monday after raising $37 million in funding for its autonomous offensive security and remediation platform. The company was…
Everybody Is Vibe Coding But Nobody Told the Security Team
In February 2025, Andrej Karpathy coined the term “vibe coding” to describe a new way of building software: rapid, AI-assisted development where users ‘fully give…
174,000 Impacted by Lansing Community College Data Breach
Lansing Community College (LCC) is notifying over 174,000 people that their personal information was compromised in a data breach more than one year ago. The…