JADEPUFFER Becomes First Documented AI Driven Ransomware Operation

Security researchers disclosed what is believed to be the first documented ransomware operation conducted almost entirely by an autonomous AI agent, tracked as JADEPUFFER. According to the…
Google detects first AI-Generated zero-day exploit

A new discovery from the Google Threat Intelligence Group (GTIG) has confirmed a fear that many in the cybersecurity world have been concerned about since the rise of effective LLM-based AI coding…
New Criminal Platform Leak Bazaar

Leak Bazaar is an emerging cybercriminal platform that represents a significant evolution in how stolen corporate data is monetized. First advertised in March 2026 on a Russian-speaking cybercrime…
Old habits die hard: 2025’s most common passwords were as predictable as ever

Despite all the new forms of cyberattack, all the complex vulnerabilities, and all the elaborate social engineering techniques leveraged by threat actors, the perennial bugbear of the security…
Defending against the React2Shell vulnerability

Since its disclosure earlier this month, CVE-2025-55182, a vulnerability in React Server Components now commonly referred to as React2Shell, has become an extremely common attack vector. Multiple…
Pushing passkeys forward: Microsoft’s latest updates for simpler, safer sign-ins

Passwords are the first line of defense against threat actors, and as the years have passed, it has become increasingly clear that they are a rather shoddy and failure-prone line of defense. Although…
The Rise of Precision-Validated Credential Theft: A New Challenge for Defenders

A new evolution in the realm of phishing is taking the precision tactics of spear-phishing to new heights. Email-based phishing attacks generally have two major stumbling blocks that can reduce their…
Red Teaming for Generative AI: A Practical Approach to AI Security

Generative AI has provided great benefits to a number of industries, however, as we have discussed in previous commentaries, AI agents come with security risks. Threat actors can potentially induce…
Using CAPTCHA for Compromise: Hackers Flip the Script

CAPTCHA is an important anti-fraud tool that usually protects websites from bot-based attacks such as brute forces and password sprays. In this capacity, they are not only useful, but essential….
The Hidden Risks in Telecom Networks and How to Safeguard Your Organization

Telecom network breaches have been big news for the past few weeks following the public disclosure of a high-profile breach of Verizon by threat actors alleged to be affiliated with China. The big…