Summary Two independent Israeli researchers built an AI-driven pipeline, dubbed Auto Exploit, that uses an LLM (Anthropic’s Claude-sonnet-4.0), CVE advisories and code patches to automatically generate vulnerable test apps and…
Summary Since the new US presidential administration took office in early 2025, US-based clinics, civil-rights groups and independent newsrooms have increasingly asked so-called “gray-zone” hosting providers to relocate sensitive data…
Hybrid Clouds Provide a Practical Approach to Post-Quantum Migration Summary This Tech Tip by Alex Zaslavsky (SafeLogic) explains a pragmatic route to start post-quantum cryptography (PQC) migration using hybrid-cloud architectures.…
Blast Radius of Salesloft Drift Attacks Remains Uncertain Summary Between 8–18 August, threat actor UNC6395 stole OAuth and refresh tokens from the Drift integration in Salesloft, then used those tokens…
UltraViolet Expands AppSec Capabilities With Black Duck’s Testing Business Summary UltraViolet Cyber has acquired Black Duck’s Application Security Testing (AST) services business, bolstering its unified security operations and AppSec offerings.…
Summary Robert Lackey argues that threat hunting must be a routine part of any mature security programme because attackers still slip past automated defences. Threat hunting is framed as a…
Phishing Empire Runs Undetected on Google, Cloudflare Summary Researchers at Deep Specter Research exposed a multi-year, industrial-scale phishing-as-a-service operation that ran for more than three years using Google Cloud and…
Czech Warning Highlights China Stealing User Data Summary The Czech Republic’s National Cyber and Information Security Agency (NÚKIB) issued a warning about products and services that transfer system and user…
Chinese Hackers Game Google to Boost Gambling Sites Summary A new cybercrime operation tracked by ESET as “GhostRedirector” compromises Windows web servers and installs a malicious native IIS module named…
ISC2 Aims to Bridge DFIR Skill Gap with New Certificate Summary ISC2 has launched the Threat Handling Foundations Certificate, a four-course programme designed to strengthen Digital Forensics and Incident Response…
