Kodak Confirms Breach Following Claims 2.2M Records Stolen
This breach may include internal corporate data and the personal information of customers.
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim’s machine, building a way back in that did notRead More »Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It’s validation. Security teams must decide which findings warrant action while operating under constant pressure and incomplete information. Increasingly, the challenge is not discovering potentialRead More »Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
Webinar Today: How Modern Breaches Bypass MFA and Evade Detection
Attendees will learn how attackers evade conventional detection methods, why legacy MFA alone is no longer sufficient, and how organizations can strengthen their defenses. The post Webinar Today: How Modern Breaches Bypass MFA and Evade Detection appeared first on SecurityWeek.
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. “Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, codeRead More »Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
1Password Acquires Apono in Reported $250M-$300M Deal
Apono specializes in just-in-time access governance technology for humans, machines, and AI agents. The post 1Password Acquires Apono in Reported $250M-$300M Deal appeared first on SecurityWeek.
Tenet Security Emerges From Stealth With $6 Million Seed Funding
Tenet aims to detect and stop dangerous AI agentic behavior in real time. The post Tenet Security Emerges From Stealth With $6 Million Seed Funding appeared first on SecurityWeek.
Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software
The industrial automation giant has fixed security holes in Logix, CompactLogix, Flex, RSLinx, and FactoryTalk products. The post Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software appeared first on SecurityWeek.
AI Use by the US Government
On 14 April, the Trump administration quietly acknowledged the widespread use of AI to automate government processes. The office of management and budget (OMB) disclosed a staggering 3,611 active or planned use cases for AI across the federal government. The list has ballooned by 70% from the one published inRead More »AI Use by the US Government
Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek.