#nick-cross-safety

[ follow ]
#cybersecurity #vulnerabilities #ai #data-breach #security #hacking #vulnerability #project-glasswing #claude-mythos
SOMA, SF
fromKqed
2 hours ago

DOJ: Man Who Attacked Sam Altman's House Threatened to Kill Other Tech CEOs | KQED

A Texas man faces charges for attempted murder of OpenAI CEO Sam Altman after violent attacks at his home and company headquarters.
#cybersecurity
Privacy professionals
fromSecurityWeek
8 hours ago

Nightclub Giant RCI Hospitality Reports Data Breach

RCI Hospitality Holdings reported a cybersecurity incident exposing sensitive personal information of independent contractors due to an IDOR vulnerability.
Silicon Valley
fromWIRED
1 day ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.
Privacy technologies
fromYahoo Tech
4 days ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.
Cryptocurrency
fromnews.bitcoin.com
5 days ago

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.
Artificial intelligence
fromwww.theguardian.com
4 days ago

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.
Privacy professionals
fromSecurityWeek
8 hours ago

Nightclub Giant RCI Hospitality Reports Data Breach

RCI Hospitality Holdings reported a cybersecurity incident exposing sensitive personal information of independent contractors due to an IDOR vulnerability.
Silicon Valley
fromWIRED
1 day ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.
Privacy technologies
fromYahoo Tech
4 days ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.
Cryptocurrency
fromnews.bitcoin.com
5 days ago

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.
Artificial intelligence
fromwww.theguardian.com
4 days ago

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.
more#cybersecurity
#data-breach
EU data protection
fromTNW | Data-Security
1 day ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.
EU data protection
fromSecurityWeek
5 days ago

300,000 People Impacted by Eurail Data Breach

Eurail is notifying over 300,000 customers about a data breach that exposed personal information, including names and passport numbers.
Information security
fromTechCrunch
1 day ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
Privacy professionals
fromTheregister
5 days ago

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.
Information security
fromTheregister
1 week ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
EU data protection
fromTNW | Data-Security
1 day ago

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.
EU data protection
fromSecurityWeek
5 days ago

300,000 People Impacted by Eurail Data Breach

Eurail is notifying over 300,000 customers about a data breach that exposed personal information, including names and passport numbers.
Information security
fromTechCrunch
1 day ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
Privacy professionals
fromTheregister
5 days ago

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.
Information security
fromTheregister
1 week ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
more#data-breach
Node JS
fromNist
2 days ago

NVD

Axios library versions prior to 1.15.0 are vulnerable to Prototype Pollution, leading to Remote Code Execution and Full Cloud Compromise.
#ai
Artificial intelligence
fromwww.businessinsider.com
6 days ago

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.
Information security
fromFortune
22 hours ago

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.
Artificial intelligence
fromFast Company
3 days ago

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.
Artificial intelligence
fromwww.businessinsider.com
6 days ago

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.
Information security
fromFortune
22 hours ago

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.
more#ai
Careers
fromComputerWeekly.com
4 days ago

Businesses are paying the price for CISO burnout | Computer Weekly

Burnout among CISOs poses significant risks to businesses, driven by overwhelming responsibilities and rising cyber threats.
UK news
fromTheregister
4 days ago

UK seeks fresh perspectives to shape radio-jamming laws

The UK government is preparing legislation to ban radiofrequency jammers due to their use in various criminal activities and threats to public safety.
DevOps
fromInfoQ
4 days ago

CNCF and Kusari Partner to Strengthen Software Supply Chain Security Across Cloud-Native Projects

CNCF and Kusari collaborate to enhance software supply chain security for cloud-native projects using AI-powered tools.
Software development
fromDevOps.com
5 days ago

Appknox Adds AI Tool to Detect and Fix Vulnerabilities in Mobile Applications - DevOps.com

Appknox introduces AI to assess mobile app vulnerabilities and recommend fixes, enhancing the patching process for software engineering teams.
fromSecurityWeek
5 days ago

Apple Intelligence AI Guardrails Bypassed in New Attack

The first is Neural Execs, a known prompt injection attack that uses 'gibberish' inputs to trick the AI into executing arbitrary, attacker-defined tasks. These inputs act as universal triggers that do not need to be remade for different payloads.
Apple
#kraken
Information security
fromFinbold
5 hours ago

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.
Information security
fromBitcoin Magazine
1 day ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.
Information security
fromFinbold
5 hours ago

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.
Information security
fromBitcoin Magazine
1 day ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.
more#kraken
fromArs Technica
22 hours ago

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.
Privacy professionals
#ai-security
Software development
fromInfoWorld
6 days ago

Microsoft's new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft introduced the Agent Governance Toolkit to enhance AI agent security and mitigate OWASP's top 10 agentic AI threats.
Software development
fromInfoWorld
6 days ago

Microsoft's new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft introduced the Agent Governance Toolkit to enhance AI agent security and mitigate OWASP's top 10 agentic AI threats.
more#ai-security
Privacy professionals
fromSecurityWeek
5 days ago

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.
Information security
fromThe Hacker News
7 hours ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.
Podcast
fromSecuritymagazine
2 weeks ago

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.
#openai
Information security
fromThe Hacker News
1 day ago

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.
Information security
fromThe Hacker News
1 day ago

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.
more#openai
#artificial-intelligence
Artificial intelligence
fromEngadget
6 days ago

Anthropic launches Project Glasswing, an effort to prevent AI cyberattacks with AI

Project Glasswing aims to enhance cybersecurity against AI threats with major tech partnerships and a new AI model from Anthropic.
Information security
fromThe Hacker News
6 days ago

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.
Artificial intelligence
fromEngadget
6 days ago

Anthropic launches Project Glasswing, an effort to prevent AI cyberattacks with AI

Project Glasswing aims to enhance cybersecurity against AI threats with major tech partnerships and a new AI model from Anthropic.
Information security
fromThe Hacker News
6 days ago

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.
more#artificial-intelligence
fromwww.businessinsider.com
8 hours ago

We're in a new era of heightened CEO safety measures, security pros say

This attack is just shedding light on the fact that you're even more vulnerable outside of the office, said Don Aviv, CEO of Interfor International, a security consultancy.
Information security
Information security
fromSecurityWeek
1 hour ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.
Information security
fromSecurityWeek
9 hours ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.
Privacy professionals
fromMedCity News
3 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
fromSecurityWeek
4 days ago

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."
Information security
Information security
fromSecurityWeek
4 days ago

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.
Information security
fromSecurityWeek
4 days ago

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

Juniper Networks released patches for multiple vulnerabilities, including severe flaws that could lead to privilege escalation and remote device takeover.
Information security
fromTechRepublic
6 days ago

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.
Information security
fromSecuritymagazine
6 days ago

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.
Information security
fromThe Hacker News
1 week ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
Information security
fromSecurityWeek
5 days ago

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.
Information security
fromSecurityWeek
1 week ago

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.
Information security
fromThe Hacker News
6 days ago

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.
Information security
fromSecurityWeek
1 week ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
Information security
fromTechzine Global
1 week ago

Axios supply chain attack victim posts postmortem to prevent a repeat

Axios was compromised for three hours, distributing Remote Access Trojans due to a sophisticated social engineering attack by North Korean group UNC1069.
Information security
fromComputerWeekly.com
2 weeks ago

Banning routers won't fix what's already broken | Computer Weekly

The FCC's ban on foreign-made routers addresses future procurement, not current security risks, as routers are already vulnerable and widely deployed.
#citrix
Information security
fromSecurityWeek
2 weeks ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.
Information security
fromSecurityWeek
3 weeks ago

Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn

Citrix released critical patches for vulnerabilities in NetScaler ADC and Gateway, addressing memory leaks and session mixup issues.
Information security
fromSecurityWeek
2 weeks ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.
Information security
fromSecurityWeek
3 weeks ago

Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn

Citrix released critical patches for vulnerabilities in NetScaler ADC and Gateway, addressing memory leaks and session mixup issues.
more#citrix
Information security
fromComputerWeekly.com
2 weeks ago

Cyber pros must grasp the vibe coding nettle, says NCSC chief | Computer Weekly

Cyber security professionals must develop safeguards for AI-enhanced software generation to prevent vulnerabilities and cyber attacks.
Information security
fromThe Hacker News
4 weeks ago

Why Security Validation Is Becoming Agentic

Security validation tools operate in silos while attackers exploit interconnected systems, creating a structural blind spot that Agentic Exposure Validation can address through continuous, autonomous, context-aware assessment.
Information security
fromTechzine Global
1 month ago

Cyber resilience gap: High confidence, but reality lags behind

Organizations invest heavily in cyber resilience but remain vulnerable to external threats due to perimeter-focused strategies that neglect ecosystem-wide protection.
Information security
fromSecuritymagazine
2 months ago

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.
[ Load more ]