Founded in 2022 to help organizations with the secure deployment of generative-AI utilities, Aim emerged from stealth in January 2024. The post Cato Networks Acquires AI Security Firm Aim Security appeared first on SecurityWeek.
Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive security tool called HexStrike AI to exploit recently disclosed security flaws. HexStrike AI, according to its website, is pitched as an AI‑driven security platform to automate reconnaissance and vulnerability discovery with an aim to accelerate authorized redRead More »Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure
A study dives into the data collected by wearable devices to better understand how it is being used.
Known for her seminal book, A Hacker Manifesto, Wark reframes hacking as a cultural force rooted in play, creativity, and human nature. The post Hacker Conversations: McKenzie Wark, Author of A Hacker Manifesto appeared first on SecurityWeek.
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team, they identified a publicly accessible ClickHouse database belonging to DeepSeek. This allowed “full control overRead More »Detecting Data Leaks Before Disaster
Attack disrupted email, phones, and websites for weeks, but officials say no ransom was paid. The post Pennsylvania Attorney General Confirms Ransomware Behind Weeks-Long Outage appeared first on SecurityWeek.
Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks. The vulnerabilities are listed below – CVE-2025-38352 (CVSS score: 7.4) – A privilege escalationRead More »Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack
Really good research on practical attacks against LLM agents. “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous” Abstract: The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware—maliciously engineered prompts designed to manipulate LLMs to compromiseRead More »Indirect Prompt Injection Attacks Against LLM Assistants
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to broader offensive cyber activity undertaken by a group knownRead More »Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
The automotive company said it disconnected its systems, which severely impacted both retail and manufacturing operations. The post Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack appeared first on SecurityWeek.
