Latest Intelligence
AI Driving the Adoption of Confidential Computing
Confidential computing is increasingly being integrated into AI models, indicating a growing intersection between these two technologies. This trend suggests that the security of data processing will become more relevant as AI applications expand.
Oracle Fixes Critical Bug in Cloud Code Editor
Oracle has addressed a critical vulnerability in its Cloud Code Editor that could have allowed attackers to compromise a comprehensive set of developer tools within the Oracle Cloud Infrastructure. This fix is essential for maintaining the security of the cloud environment.
ISC2 Finds Orgs Are Increasingly Leaning on AI
Organizations are increasingly adopting AI to enhance their workflows and cybersecurity practices. However, there is a segment of organizations that remains hesitant, expressing concerns about the potential negative aspects of AI implementation.
Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections
The article discusses the upgraded 'Matanbuchus 3.0' loader, a cybercrime tool that enhances the efficiency of targeted ransomware attacks. It includes advanced features such as EDR-spotting and DNS-based command and control communication, making it a significant threat in the cybersecurity landscape.
Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers
A group of female pioneers in cybersecurity aims to share their experiences and insights on overcoming challenges in a male-dominated field. Their goal is to inspire and empower other women to pursue successful careers in cybersecurity.
Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms
Cybersecurity researchers have identified a new variant of the Matanbuchus malware loader, which enhances its stealth capabilities to evade detection. This malware-as-a-service can facilitate the delivery of various next-stage payloads, including Cobalt Strike beacons and ransomware.
Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network
A global operation, codenamed Eastwood, led by Europol has successfully dismantled the pro-Russian cybercrime group NoName057(16), known for conducting DDoS attacks on entities associated with a NATO summit. This operation highlights the ongoing threats posed by cybercriminal organizations linked to geopolitical tensions.
Cognida.ai Launches Codien: An AI Agent to Modernize Legacy Test Automation and Fast-Track Test Creation
Cognida.ai has launched Codien, an AI agent designed to modernize legacy test automation and accelerate the process of test creation. This innovation aims to improve efficiency and effectiveness in software testing.
Fully Patched SonicWall Gear Under Likely Zero-Day Attack
A threat actor, likely associated with the Abyss ransomware group, is exploiting a zero-day vulnerability to install the 'Overstep' backdoor on SonicWall devices that are fully patched. This indicates a significant security risk despite the devices being up-to-date.
Securing the Budget: Demonstrating Cybersecurity's Return
The article emphasizes the importance of tying cybersecurity investments to measurable outcomes to effectively communicate their value. By demonstrating reduced breach likelihood and financial impact, CISOs can better align with stakeholders and justify their budgets based on tangible risks.
UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit
A threat group known as UNC6148 has been targeting fully-patched SonicWall SMA 100 series devices with a backdoor named OVERSTEP. This malicious activity has been ongoing since at least October 2024, highlighting the vulnerabilities in end-of-life appliances.
Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access
Researchers have identified a critical design flaw in delegated Managed Service Accounts (dMSAs) in Windows Server 2025, which could lead to severe security breaches. This vulnerability allows for cross-domain lateral movement and provides persistent access to managed service accounts and their resources within Active Directory.
AI Agents Act Like Employees With Root Access—Here's How to Regain Control
The article highlights the risks associated with deploying AI systems without proper security measures, likening them to junior employees with root access. It emphasizes the need for identity-first security to prevent unauthorized access and control issues as enterprises increasingly adopt generative AI technologies.
Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
Google has released a critical update for Chrome to address six security issues, including a high-severity vulnerability, CVE-2025-6558, which is actively being exploited. This vulnerability involves incorrect validation of untrusted input in the browser's ANGLE and GPU components.
Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time
Social engineering attacks have evolved significantly, utilizing generative AI and deepfake technology to create highly convincing impersonations of executives and organizations. These sophisticated tactics go beyond simple phishing, posing serious threats to cybersecurity.