Reducing security operations complexity with Wazuh Cloud
… A managed, cloud-native architecture handles the infrastructure, maintenance, and scalability challenges that consume security teams in self-managed environments. …
Search
New PCPJack worm steals credentials, cleans TeamPCP infections
… PCPJack’s capabilities revolve mainly around credential theft, targeting cloud environments, developer systems, messenger apps, financial services, databases, SSH keys, Slack tokens, WordPress configs, OpenAI keys, Anthropic keys, Discord, DigitalOcean, and more. …
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
… Because LiteLLM is used as an AI gateway, the incident also shows how supply-chain risk is expanding into AI infrastructure and developer tooling. Developer environments themselves are also becoming attractive targets. …
Why the browser is now the front line for AI security
Why the browser is now the front line for AI security Sponsored by Push Security June 2, 2026 10:30 AM Security teams are staring at two AI problems at once. Adversaries are using AI to iterate on phishing kits, generate lures, and rotate infrastructure faster than blocklists can follow. …
AI-built ransomware toolkit automates EDR evasion, AD discovery
… Sophos found no evidence that AI was embedded in deployed malware or operating independently in victim environments. Instead, the technology was used to accelerate the iterative process of developing, testing, and refining payloads against security products. …
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
… They're thinking differently about what privilege means in a cloud-first environment. In the organizations we work with, AI agents have quickly evolved from a future concern into a present reality almost overnight, and most lack the AI security posture management necessary for proper governance. …
How SIEM helps MSPs reduce noise and stop threats faster
… Why SIEM has become essential for MSPs Modern attacks rarely remain confined to a single area of the environment. Threat actors move between systems, user accounts, cloud applications and connected infrastructure as part of the same attack. …
Path traversal flaw in AI dev platform Langflow exploited in attacks
… Get the whitepaper Related Articles: Max-severity flaw in ChromaDB for AI apps allows server hijacking 18-year-old NGINX vulnerability allows DoS, potential RCE Google: Hackers used AI to develop zero-day exploit for web admin tool Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw Anthro… …
The ‘Miasma’ worm source code briefly leaked on GitHub
… Get the whitepaper Related Articles: New IronWorm malware hits 36 packages in npm supply-chain attack GitHub disables Microsoft repos pushing password-stealing malware New Shai-Hulud attack trojanizes 19 science-focused PyPI packages Red Hat npm packages compromised to steal developer credentials N… …
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
… Application security company StepSecurity notes that the threat actor published the infected packages via the legitimate CI/CD pipeline, carrying valid SLSA provenance attestations issued by npm's signing infrastructure and "tied to the legitimate TanStack/router Release workflow." Endor Labs repor… …