Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, including geometry-based cursor tests and CPU timing checks. […]
OpenAI Rolls Out Codex Security Vulnerability Scanner
Codex Security, formerly Aardvark, has found hundreds of critical vulnerabilities in tested software in the past month.
The post OpenAI Rolls Out Codex Security Vulnerability Scanner appeared first on SecurityWeek.
Kevin Mandia’s Armadin Launches With $190 Million in Funding
Armadin uses AI-powered red teaming to find and exploit weaknesses in the same way that attackers attack them.
The post Kevin Mandia’s Armadin Launches With $190 Million in Funding appeared first on SecurityWeek.
New “LeakyLooker” Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims’ databases and exfiltrate sensitive data within organizations’ Google Cloud environments.
The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in
The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in
Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign
Salesforce has confirmed that customers are being targeted via poorly secured instances.
The post Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign appeared first on SecurityWeek.
Escape Raises $18 Million to Automate Pentesting
The company will deepen its platform’s AI agent capabilities and scale engineering and go-to-market teams.
The post Escape Raises $18 Million to Automate Pentesting appeared first on SecurityWeek.
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek.
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own.
But there is a problem. While these agents make work faster, they also open a new “back door” for hackers.
The Problem: “The Invisible Employee”
Think of an AI Agent like a new employee who has
But there is a problem. While these agents make work faster, they also open a new “back door” for hackers.
The Problem: “The Invisible Employee”
Think of an AI Agent like a new employee who has
CISA: Recently patched Ivanti EPM flaw now actively exploited
CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. […]
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
You can’t control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder’s Head of Security digs into why this happens and how teams can manage it deliberately.
Time-to-exploit is shrinking
The larger and less controlled your attack surface is,
Time-to-exploit is shrinking
The larger and less controlled your attack surface is,