The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked…
adminAI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have…
Ravie LakshmananMay 14, 2026Vulnerability / API Security Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours…
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON).…
Ravie LakshmananMay 14, 2026Vulnerability / Linux Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain…
Ravie LakshmananMay 14, 2026Vulnerability / Web Server Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years.…
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138…
adminRavie LakshmananMay 13, 2026Cyber Espionage / Malware A threat actor with affiliations to China has been linked to a «multi-wave intrusion» targeting an unnamed Azerbaijani oil and gas company between…
Ravie LakshmananMay 13, 2026Vulnerability / Artificial Intelligence Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it’s…
The Hacker NewsMay 13, 2026Cloud Security / Automation Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant’s…
