New Research from UpGuard: 1 in 5 Developers Grant AI Vibe Coding Tools Unrestricted Workstation Access

In using AI to improve efficiency, developers are granting extensive permissions to download content from the web, and read, write, and delete files on their machines without requiring developer ...
CSO Online

Russian hackers exploited a critical Office bug within days of disclosure

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.
CSO Online

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...

Critical n8n flaws disclosed along with public exploits

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
Microsoft

Detecting backdoored language models at scale

Learn how Microsoft research uncovers backdoor risks in language models and introduces a practical scanner to detect ...