Trellix discloses the breach of a code repository
Trellix disclosed a security breach affecting part of its source code repository, however, the company says there’s no sign of…
Security
A Ransomware Negotiator Was Working for a Ransomware Gang
Someone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients.
The 200-Day SSL/TLS Certificate Validity and CA-by-CA Updates
When the CA/Browser Forum passed Ballot SC-081v3 in April 2025, it set one universal deadline March 15, 2026, for all…
Fast16 Malware
Researchers have reverse-engineered a piece of malware named Fast16. It’s almost certainly state-sponsored, probably US in origin, and was deployed…
Claude Mythos Has Found 271 Zero-Days in Firefox
That’s a lot. No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using…
Prevention in the Age of AI Vulnerability Discovery
Why the Mythos moment makes prevention more important, not less Anthropic’s Claude Mythos Preview (Project Glasswing) has pushed a new…
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning…
6 Lessons Security Leaders Must Learn About AI and APIs
Most organizations treating AI security as a model problem are defending the wrong layer. Security teams filter prompts, patch jailbreaks,…
Deep Dive into FIRESTARTER: Persistent Backdoor on Cisco ASA & Firepower Devices
Modern cyber-espionage campaigns are increasingly shifting away from loud exploitation techniques and toward stealth-focused, persistence-driven operations that abuse trusted infrastructure.…
Mirai Turns Unsupported D-Link Routers into DDoS Weapons Using CVE-2025-29635
Researchers have uncovered an active Mirai botnet campaign exploiting CVE-2025-29635, a command-injection vulnerability in legacy D-Link DIR-823X routers, to recruit…