Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot

Shadow AI 2.0 isn’t a hypothetical future, it’s a predictable consequence of fast hardware, easy distribution, and developer ...

How AI is getting better at finding security holes

Anthropic announced this week that its new model found security flaws in "every major operating system and web browser." Even ...

Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now

The FBI and NSA warn that Russian hackers are exploiting vulnerable routers, but there are ways you can take to protect yourself.
SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

Florida investigates ChatGPT, OpenAI over alleged role in FSU shooting

Florida Attorney General James Uthmeier said his office formally opened a probe into OpenAI and raised concerns over its ...

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

Claude Mythos autonomously found zero-days in OpenBSD, FFmpeg, FreeBSD and major browsers that survived decades of expert ...

NetKnights releases privacyIDEA 3.13 with enhanced passkey functionality and new web interface

The IT security company NetKnights has released version 3.13 of its multi-factor authentication software, privacyIDEA ...
Dark Reading

TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

GL Communications Enhances SIP Network Testing for Scalable VoIP and IMS Validation

GL Communications Inc., a global provider of voice testing solutions, announces significant enhancements to its SIP testing platform, enabling high-load, secure and automated generation of voice, ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Dark Reading

The Forgotten Endpoint: Security Risks of Dormant Devices

The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.