What Every Argument About Sideloading Gets Wrong
What Every Argument About Sideloading Gets Wrong Summary Developer Hugo Tunius argues that the oft-repeated claim “I should be able to run whatever code I want on hardware I own”…
AI Agents in Browsers Light on Cybersecurity, Bypass Controls
AI Agents in Browsers Light on Cybersecurity, Bypass Controls Summary Security researchers warn that browser-based AI agents—built by major AI vendors—are automating user workflows but lack basic security awareness. Tests…
Zscaler, Palo Alto Networks Breached via Salesloft Drift
Zscaler, Palo Alto Networks Breached via Salesloft Drift Summary A widespread supply-chain compromise of the Salesloft Drift marketing SaaS has resulted in OAuth and refresh tokens being stolen from its…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation Summary Two independent Israeli researchers built an automated offensive-research pipeline (dubbed Auto Exploit) that uses prompts to large language models, CVE advisories and…
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
Pennsylvania AG says recovery continues after office refused to pay ransomware gang Summary Pennsylvania’s Attorney General Dave Sunday said his office has restored its website, phone lines and email for…
Google Says Gmail Security Alert Claims Are False
Google Says Gmail Security Alert Claims Are False Summary Google has denied reports that it issued a broad security warning to Gmail users about a major vulnerability. The company said…
Zscaler, Palo Alto Networks Breached via Salesloft Drift
Zscaler, Palo Alto Networks Breached via Salesloft Drift Summary A large-scale supply chain attack leveraged Salesloft Drift, a marketing SaaS integration with Salesforce, to steal OAuth and refresh tokens and…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation Summary An Israeli research duo built an automated offensive pipeline, dubbed Auto Exploit, that uses prompts to a large language model (Anthropic’s Claude-sonnet-4.0),…
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
Pennsylvania AG says recovery continues after office refused to pay ransomware gang Summary Pennsylvania’s Attorney General Dave Sunday says his office has restored its website, phone lines and most employee…
Google Says Gmail Security Alert Claims Are False
Google Says Gmail Security Alert Claims Are False Summary Google has denied reports that it sent a broad security warning to Gmail users about a major vulnerability. In a company…