Latest Briefings
Critical Oracle E-Business Suite Flaw Under Active Exploitation
Attackers are actively exploiting CVE-2026-46817, a critical unauthenticated takeover vulnerability in Oracle E-Business Suite, weeks after Oracle shipped a patch in its…
Agentic AI Creates a New Class of Identity Risk Security Teams Aren’t Ready For
AI agents authenticate, call APIs, and act across production environments using credentials that most organizations have never fully inventoried. Security leaders say…
Straiker Raises $85M Total to Secure AI Agents in Enterprise Environments
California-based Straiker has closed a $64 million Series A to expand its platform for discovering, testing, and protecting AI agents at runtime.…
Claude Code Hijack Attack Hides Payload in DNS, Never Touches the Repo
Mozilla's 0Din researchers have demonstrated how attackers can weaponize Claude Code's autonomous behavior to spawn a reverse shell on developer machines, with…
US Offers $10M Reward for Russian Hackers Targeting Signal and WhatsApp Accounts
The State Department's Rewards for Justice program is offering up to $10 million for information on two FSB- and GRU-linked groups that…
DOJ Seizes Nearly 400 Illegal World Cup Streaming Domains
U.S. authorities took down close to 400 sites illegally broadcasting World Cup matches, warning that pirate streams expose viewers to malware and…
Microsoft Extends Windows Server 2022 Hotpatching Support to October 2027
Microsoft has pushed the hotpatch support window for Windows Server 2022 Datacenter: Azure Edition one year past mainstream end-of-support, giving enrolled organizations…
WhatsApp Launches Username Reservations to Shield Phone Numbers
Meta is letting WhatsApp users reserve a username now, ahead of a broader rollout later this year that will allow contacts to…
Supreme Court: Geofence Searches Require a Warrant Under Fourth Amendment
In a 6-3 ruling, the Supreme Court held that police must obtain a warrant before accessing cellphone location history from tech companies,…
Nissan Employee Data Breach Tied to Oracle PeopleSoft Zero-Day Attacks
Nissan has disclosed a breach of current and former employee records after ShinyHunters exploited a critical zero-day in Oracle PeopleSoft, part of…
SimpleHelp Auth Bypass Exploited to Deploy Djinn Stealer and TaskWeaver
Attackers are actively exploiting a critical authentication bypass in SimpleHelp RMM software to install two previously undocumented malware families targeting developer credentials,…
Building an Eval Harness for Your AI Features
"It looks good" is not a test. Learn how to build a lightweight evaluation loop that catches prompt regressions, model drift, and…