Shadow AI assistant Clawdbot raises workplace risks
Token Security Labs has reported that employees are actively using the open-source AI assistant Clawdbot, also known as…
Cisco In Talks To Buy Cybersecurity Startup Axonius For $2B: Report
Axonius, which calls itself the “actionability platform for intelligent action” would be Cisco’s third security-related acquisition in five…
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
Dec 30, 2026Ravie LakshmananVulnerability / Email Security The Cyber Security Agency of Singapore (CSA) has issued a bulletin…
New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper
Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information…
A Browser Extension Risk Guide After the ShadyPanda Campaign
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge…
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Dec 09, 2025Ravie LakshmananMalware / Threat Analysis Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio…
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence…
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means…
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Nov 18, 2025Ravie LakshmananBrowser Security / Vulnerability Google on Monday released security updates for its Chrome browser to…
Microsoft Uncovers ‘Whisper Leak’ Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive…
Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit
Nov 04, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Google’s artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been…
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads…