Aisy has emerged from stealth mode with $2.3 million in seed funding for its AI-assisted platform. The post Aisy Launches Out of Stealth to Transform Vulnerability Management appeared first on SecurityWeek.
Among them, 23,000 hosts were persistently responsible for the majority of activity observed over 293 days of scanning. The post 175,000 Exposed Ollama Hosts Could Enable LLM Abuse appeared first on SecurityWeek.
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. ItRead More »Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Two Biden-era memorandums have been revoked, but some of the resources they provide can still be used by government organizations. The post White House Scraps ‘Burdensome’ Software Security Rules appeared first on SecurityWeek.
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets inRead More »China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in the crimescape? Introduction: One view on the scattered fight against cybercrime The growing sophistication and diversification of cybercrime have compelledRead More »Badges, Bytes and Blackmail
Android users were lured to applications that served a malicious payload hosted in a Hugging Face repository. The post Hugging Face Abused to Deploy Android RAT appeared first on SecurityWeek.
Sandworm/Electrum hackers targeted communication and control systems at 30 sites. The post ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid appeared first on SecurityWeek.
The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely. The post Ivanti Patches Exploited EPMM Zero-Days appeared first on SecurityWeek.
A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionageRead More »Ex-Google Engineer Convicted for Stealing AI Secrets for China Startup
