News & updates
On this page we will regularly post content about market intelligence, our own news and updates, and major cyber-related events from around the world. Please let us know if you would like us to elaborate on certain topics.
Securing the future: Safeguarding legacy OT systems against evolving threats
Evolving Cybersecurity Risks in Manufacturing Operational Technology
Manufacturing plants face increasing cybersecurity risks due to aging operational technology systems, as highlighted in research by ESET. The convergence of information technology and operational…
macOS ClickFix: A deep dive into the AppleScript stealer and persistent RAT threat
Profound Risks of the Evolving ClickFix Infostealer Campaign
In April 2026, Netskope Threat Labs reported an AppleScript-based infostealer campaign known as ClickFix targeting macOS users. An upgraded variant of this campaign was intercepted on May 31, 2026. This new…
When native AI guardrails fall short in SecOp effectiveness
AI Guardrails: A Necessity for Tailored Cybersecurity Protections
TL;DR: Many existing AI guardrails, such as those offered by mainstream providers like OpenAI and Anthropic, are too generic for effective security applications, leading to operational frustrations for…
Empowering agents: The critical role in every zero trust strategy
Zero Trust Principles in AI Security Strategies
TL;DR: A recent examination of the RSA Conference themes highlights a regression in security focus from zero trust principles to an overreliance on AI assurances. Advocating for the integration of zero trust into AI…
Unmasking EvilTokens: A phishing attack that bypasses password theft
Phishing Kit Exploits OAuth 2.0 Device Code Flow for Account Takeovers
Phishing attacks have evolved significantly, with the recent emergence of the EvilTokens phishing kit demonstrating a sophisticated method of compromising Microsoft 365 accounts without needing to…
Navigating the pickle: Exploiting Vertex AI model uploads for cross-tenant RCE
Vulnerability in Google Cloud Vertex AI SDK Enables Remote Code Execution
A recently discovered vulnerability in the Google Cloud Vertex AI SDK for Python allows an attacker to hijack a user’s model upload and execute arbitrary code. This finding was reported by…
Gaming alert: Malicious wallpapers on Steam targeting account security
Malware Campaign Targeting Steam Workshop Users
A significant malware campaign has been uncovered targeting users of the Steam Workshop, particularly focused on gamers in China and Russia. Attackers exploit the Wallpaper Engine app to disseminate…
Navigating the modern SOC: A 72-minute sprint against cyber threats
The speed gap is a critical challenge for modern security operations
Recent research from Unit 42 reveals a significant operational threat: the speed gap faced by security operations centers (SOCs) in responding to increasingly rapid cyberattacks. With adversaries…
Navigating the OAuth trust dilemma: How AI agents impact DNS security at scale
OAuth Authorization Abuse: A Growing Threat Amidst AI Adoption
The research presented by Netskope Threat Labs at Infosecurity Europe 2026 highlights the critical vulnerabilities associated with OAuth token misuse, exacerbated by the integration of AI agents in…
Unveiling digital footprints: Newly uncovered macOS Tahoe 26 artifact enhances DNS tracking
New Forensic Artifact Enhances User Intent Analysis in macOS
The recent identification of a new forensic artifact, App.MenuItem, by Palo Alto Networks’ Unit 42 team, presents forensic examiners with a significant enhancement for analyzing user behavior in macOS Tahoe…
Navigating the shift: From legacy systems to modern DNS security challenges
AI-Driven Vulnerabilities: A New Era in Cybersecurity
Rapid advancements in artificial intelligence are outpacing traditional human capabilities for patching vulnerabilities, according to research published by Talos. AI models are now capable of autonomously…
Unveiling OceanLotus: The evolution from global espionage to local attacks
OceanLotus Shifts Focus to Domestic Espionage and Targeted Supply-Chain Attacks
TL;DR: ESET Research reports a strategic realignment by the Vietnamese APT group OceanLotus, observable between 2024 and 2026, emphasizing domestic espionage alongside targeted cyber…