New critical Exim mailer flaw allows remote code execution
…AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how…
Search
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
…Most security tools were built to monitor email and network traffic flowing through the corporate network. A browser-based AI tool that connects to company data through a quick login approval bypasses…
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
…attackers access to advanced phishing capabilities, including AI-generated phishing lures, automated campaign templates, real-time victim-tracking dashboards, and token-capture functionality. Security researchers at Arctic Wolf reported on Kali365 activity…
Ivanti warns of new EPMM flaw exploited in zero-day attacks
…AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how…
Why the browser is now the front line for AI security
Why the browser is now the front line for AI security Sponsored by Push Security June 2, 2026 10:30 AM Security teams are staring at two AI problems at once. Adversaries…
Dell confirms its SupportAssist software causes Windows BSOD crashes
…AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how…
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
…This guide from Picus Labs covers the 12 operational recommendations security teams need to close the gap between AI-speed offense and human-speed defense, including five actions for week one. Download…
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
…According to supply-chain security platform SafeDep, although the trigger mechanism is different in compromised Mistral AI and TanStack packages, they drop the same credential-stealing payload. Microsoft Threat Intelligence analyzed the…
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
…details for the HTTP/2 Bomb DoS attack will be disclosed at the Real World AI Security conference later this month in a presentation from researcher Quang Luong. However, proof-of-concept…
New PCPJack worm steals credentials, cleans TeamPCP infections
…TeamPCP deploys Iran-targeted wiper in Kubernetes attacks TeamPCP hackers advertise Mistral AI code repos for sale OpenAI confirms security breach in TanStack supply chain attack SAP fixes critical vulnerabilities in Commerce…