Archives: News
News articles and updates
Tiny Pixel Changes Trick AI Vision Models
Cisco researchers found attackers can use invisible pixel tweaks to fool vision-language models, risking misclassification in critical applications.
TrustFall Attack Reveals AI Supply Chain Threat
TrustFall attack manipulates AI coding agents to insert stealthy supply chain compromises, endangering software projects worldwide.
Stealth MCP Hijack Steals Claude Code Tokens
Mitiga researchers exposed a flaw letting attackers redirect Claude Code MCP traffic to steal OAuth tokens. This grants persistent SaaS access undetected.
Webinar Tackles Identity Security for AI, Machines
A webinar on securing identities for humans, machines, and AI occurred today. It covered strategies to manage risks from evolving service accounts and AI processes.
Cisco Fixes Critical Flaws in Key Enterprise Gear
Cisco patched high-severity vulnerabilities in enterprise products that enable code execution, SSRF, and DoS attacks. Organizations urged to update immediately.
Ransomware Hits Canvas, Halts US Education
A cybercrime group defaced Canvas login page with ransom note, threatening 275M user records from 9,000 schools. Classes disrupted nationwide on May 8, 2026.
AI’s Role in SIEM Rule Translation Challenges
Researchers propose AI to automate rewriting detection rules during SIEM migrations between vendors like Splunk and Sentinel. Manual efforts currently dominate transitions due to differing query languages.
World's First AI-Driven Cyberattack Couldn't Breach OT Systems
A sophisticated cyberattack that integrated artificial intelligence for the first time failed to penetrate operational technology systems protected by SCADA interfaces. Security researchers confirmed the incident on May 5, 2026, marking a key test of AI’s limits in real-world cyber operations. No OT systems reported breaches, highlighting the resilience of industrial control defenses. What Happened...
Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?
Analysts at Gartner have confirmed that AI agents now operate within enterprise networks faster than companies can establish oversight. The firm’s first Market Guide for Guardian Agents, released in early 2026, notes enterprise adoption of these agents outpaces the development of governance policies. Identity security teams had suspected this trend for months, as deployments surged...
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
The Apache Software Foundation released security updates for its HTTP Server on May 6, 2026, addressing multiple flaws, including a critical vulnerability in HTTP/2 handling. Tracked as CVE-2026-23918 with a CVSS score of 8.8, the issue involves a double-free error that enables denial-of-service attacks and potential remote code execution. Web servers worldwide running affected versions...