Autonomous AI agents are creating a new identity blind spot as they operate outside traditional IAM controls. Token Security shows why managing the full lifecycle of AI agent identities is becoming a critical CISO priority. […]
RapidFort Raises $42M to Automate Software Supply Chain Security
The company will use the latest capital to scale its go-to-market efforts and expand its platform’s capabilities.
The post RapidFort Raises $42M to Automate Software Supply Chain Security appeared first on SecurityWeek.
UK privacy watchdog probes Grok over AI-generated sexual images
The United Kingdom’s data protection authority launched a formal investigation into X and its Irish subsidiary over reports that the Grok AI assistant was used to generate nonconsensual sexual images. […]
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress.
Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools are truly pulling their weight. The result? Bloated stacks, missed signals, and mounting pressure to do more with less.
This
Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools are truly pulling their weight. The result? Bloated stacks, missed signals, and mounting pressure to do more with less.
This
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular “@react-native-community/cli” npm package.
Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on December 21, 2025. With a CVSS score of 9.8, the vulnerability allows remote unauthenticated attackers to execute arbitrary
Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on December 21, 2025. With a CVSS score of 9.8, the vulnerability allows remote unauthenticated attackers to execute arbitrary
Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. […]
Critical React Native Vulnerability Exploited in the Wild
Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware.
The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant
OpenClaw (aka Moltbot and Clawdbot) is vulnerable to one-click remote code execution attacks.
The post Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant appeared first on SecurityWeek.
French prosecutors raid X offices, summon Musk over Grok deepfakes
French prosecutors have raided X’s offices in Paris on Tuesday as part of a criminal investigation into the platform’s Grok AI tool, widely used to generate sexually explicit images. […]
Hackers Leak 5.1 Million Panera Bread Accounts
ShinyHunters has claimed the theft of 14 million records from the US bakery-cafe chain’s systems.
The post Hackers Leak 5.1 Million Panera Bread Accounts appeared first on SecurityWeek.