Latest Intelligence
Cyata Emerges From Stealth With $8.5 Million in Funding
Cyata, an Israeli startup, has emerged from stealth mode with $8.5 million in funding to assist organizations in managing AI agents within their environments. The company's focus is on helping organizations identify, monitor, and control these AI agents effectively. Read Original »
Eviction Strategies Tool Released
CISA has launched the Eviction Strategies Tool to aid cyber defenders in effectively containing and evicting adversaries during incident response. This tool combines the Playbook-NG application and the COUN7ER database to provide tailored eviction plans based on specific adversary tactics. Read Original »
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Chinese firms associated with the Silk Typhoon hacking group have filed over 15 patents related to cyber espionage tools. These patents reveal advancements in technology for data collection and forensic analysis, highlighting the capabilities of the shadowy cyber contracting ecosystem. Read Original »
Cost of Data Breach in US Rises to $10.22 Million, Says Latest IBM Report
The latest IBM report indicates that while the global average cost of a data breach has decreased to $4.44 million, the average cost in the US has reached a record high of $10.22 million. This marks a significant trend in the financial impact of data breaches in the US compared to the global average. Read Original »
Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications
A critical authentication bypass vulnerability in the Vibe Coding Platform Base44 was discovered by researchers at Wiz. The owner, Wix, has quickly patched the issue to protect private enterprise applications from potential exposure. Read Original »
Minnesota Activates National Guard in Response to Cyberattack
Minnesota Governor Tim Walz has activated the National Guard to aid the City of Saint Paul in addressing a cyberattack. This response underscores the seriousness of the incident and the need for additional support in cybersecurity efforts. Read Original »
Product Walkthrough: A Look Inside Pillar's AI Security Platform
Pillar Security is developing a comprehensive AI security platform aimed at addressing challenges throughout the software development and deployment lifecycle. The platform focuses on building trust in AI systems by introducing innovative methods for detecting AI threats. Read Original »
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome
Apple has released security updates to address a vulnerability that was also exploited as a zero-day in Google Chrome. The vulnerability, identified as CVE-2025-6558, involves incorrect validation of untrusted input, potentially allowing for a sandbox escape. Read Original »
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Google has launched an open beta for its Device Bound Session Credentials (DBSC) feature, which aims to protect users from session cookie theft attacks by binding authentication sessions to specific devices. This security measure was initially introduced as a prototype in April 2024. Read Original »
Tonic Security Launches With $7 Million in Seed Funding
Tonic Security has launched from stealth mode with the aim of addressing the challenges associated with exposure and vulnerability management. The company has secured $7 million in seed funding to support its initiatives. Read Original »
Cobalt Strike Beacon delivered via GitHub and social media
A campaign has been identified that targets Russian entities by using social media platforms, Microsoft Learn Challenge, Quora, and GitHub as intermediaries to deliver Cobalt Strike Beacon. This highlights the diverse methods attackers use to exploit legitimate platforms for malicious purposes. Read Original »
Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome
A vulnerability tracked as CVE-2025-6558 was discovered in Chrome's ANGLE and GPU components, and it has been flagged as actively exploited by Google TAG. Apple has responded by patching a related vulnerability in Safari. Read Original »
African Orgs Fall to Mass Microsoft SharePoint Exploits
The article reports on a mass compromise of on-premises Microsoft SharePoint servers, with the National Treasury of South Africa being one of the known victims. This incident highlights significant cybersecurity vulnerabilities affecting multiple organizations across various nations. Read Original »
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Threat actors exploited a critical SAP NetWeaver vulnerability to breach a U.S.-based chemicals company's network and deploy the Auto-Color backdoor. The attack involved suspicious file downloads and communication with malicious infrastructure over a three-day period. Read Original »
Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal
Axonius has completed the acquisition of Cynerio, a medical device security firm, for $100 million. This move aims to enhance Axonius's presence in the healthcare sector. Read Original »