News & updates

OceanLotus Shifts Focus to Domestic Espionage and Targeted Supply-Chain Attacks TL;DR ESET Research reports a strategic realignment by the Vietnamese APT group OceanLotus, observable between 2024 and 2026, emphasizing domestic espionage alongside targeted cyber…

Exploiting Persistent Layers: Vulnerabilities in LangGraph Framework TL;DR Check Point Research has identified three vulnerabilities in LangGraph, an open-source framework for stateful AI agents. Two of these vulnerabilities could lead to remote code execution through…

Behavioral Integrity Verification Aims to Secure AI Agents AI agents are increasingly vulnerable due to their reliance on third-party skills that can run within privileged contexts. Palo Alto Networks highlights the emergence of Behavioral Integrity Verification…

Cyber Resilience in the Face of Increasing SMB Cyber Incidents TL;DR Many small and medium-sized businesses (SMBs) underestimate common cyber threats while overestimating the risk from emerging technologies like AI. A lack of basic cybersecurity measures remains a…

Zero Trust in the Age of AI: Addressing Emerging Risks The increasing use of AI agents within enterprises poses significant challenges for zero trust security models, as highlighted by Netskope’s recent research. Traditional zero trust architectures assume that all…

Normalcy Bias Impedes Cybersecurity Effectiveness TL;DR The normalcy bias leads organizations to underestimate cyber threats, contributing to a rise in significant cyber incidents. Despite increasing breach rates, organizations often fail to adapt their security…

Major Security Vulnerabilities in Microsoft June 2026 Patch TL;DR Microsoft’s June 2026 security update addresses 206 vulnerabilities, including 32 categorized as critical, primarily related to remote code execution across various systems. Cisco Talos identified…

Cloud Logging Services Under Threat: Evasion Techniques and Implications TL;DR Attackers increasingly target cloud logging services such as AWS CloudTrail and Google Cloud Logging to evade detection and maintain visibility within compromised environments….

Rise of Social Engineering via Collaboration Tools In recent months, Unit 42 has highlighted an alarming trend where threat actors increasingly exploit collaboration platforms like Microsoft Teams for social engineering attacks. Incidents have risen significantly,…

Zero Trust Model Essential for Operational Technology Security Federal Operational Technology environments are increasingly integrating with enterprise IT and cloud systems, according to guidance from the Cybersecurity and Infrastructure Security Agency. This…

Active Exploitation of PAN-OS Vulnerability CVE-2026-0257 Threat actors are currently exploiting a vulnerability in PAN-OS identified as CVE-2026-0257, as reported by Palo Alto Networks Unit 42. This security issue, characterized by an authentication bypass affecting…

New Executive Order Highlights Urgent AI Cybersecurity Actions for Federal Agencies The United States has issued a significant Executive Order focused on advancing artificial intelligence while also fortifying cybersecurity. The order, released on June 2, 2026, calls…