Neo4j plots Palantir alternative with GraphAware acquisition
Graph database biz says on-prem, air-gapped intel stack gives governments a no-kill-switch option
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Zscaler launches zero trust platform for agentic AI
Zscaler announced what it calls the first complete zero trust platform for agentic AI, aimed at securing how AI agents access data and talk to one another. “Traditional security…
GPS As a Key Distribution Platform
This is interesting: The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite int…
Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation
Public LLM models with safeguards turned off can also build working exploits, increasing patch gap risks. The post Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creati…
PP113: Patch Gaps, Pretexting, and AI Use for Crimes and Crimefighting: 2026 Verizon DBIR Highlights
The Verizon Data Breach Investigations Report (DBIR) is a postmortem of a year’s worth of cyber incidents and breaches, and a snapshot of how well organizations are responding to a…
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup servers…
LibreOffice brands Euro-Office a 'de facto ally' of Microsoft's lock-in strategy
The Document Foundation accuses newly launched Euro-Office of undermining digital sovereignty by defaulting to Microsoft's OOXML document format
HW081: What to Do About the 6GHz Upper Band Split
The upper 6 gigahertz band is fracturing among national lines after a verdict from regulatory bodies in the UK and the EU. While the US enjoys full Wi-Fi access along the entire 12…
AI inference moving to private clouds, Broadcom says
The majority of enterprises now either run or plan to run AI workloads in private clouds, according to a survey of 1,800 senior IT decision makers conducted by Radius Tech on behal…
Devs know AI code is riddled with holes, but ship it anyway
Pressure to deploy wins out over security as four in five orgs confess to breaches from vulnerable apps
New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications
Atsign’s AI Architect applies cryptographic protections to agentic software development, aiming to prevent attackers from exploiting vulnerabilities by making application identitie…
Signal says UK plan to scan devices for nude images 'endangers us all'
Encrypted messaging app warns device-level checks could be repurposed for censorship
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability w…
SAP Patches Critical NetWeaver, Commerce Vulnerabilities
The flaws could lead to the disclosure of sensitive information, memory corruption, and disruption of normal system usage. The post SAP Patches Critical NetWeaver, Commerce Vulnera…
Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year
Google paid researcher a tidy $55K bounty for its discovery
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way thr…
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as …
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
The most recent variants of the self-propagating attacks are named Miasma and Hades. The post Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks appeared first …
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with rout…
France probes compromise of gov messaging platform after account hijack
Authorities say the breach only exposed public chat rooms, but alleged attacker claims to have accessed far more data
Will AI Kill the Bug Bounty Industry?
Anthropic's Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a future where finding flaws i…
French govt messaging service breached in account hijacking attack
DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government's encrypted messaging platf…
Kyndryl showers execs with shares while staff ponder redundancy packages
IBM spin-off's top brass bag six-figure stock awards
Next stop, C:\ ... Paris Metro screen goes off the tracks
Prochain arrêt: Gare du Bork! French capital city train does the tech can-can
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native c…
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks
The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password. The post Check Point VPN Zero-Day Exploited in Qilin Ransomware Atta…
Qilin NHS breach tally grows as Essex trust confirms stolen records
Two years on from ransomware attack, hospitals are still trying to identify and warn patients
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI…
UK.gov warned that digital transformation hype is no substitute for delivery
Parliamentary committee says £45B savings claim risks undermining public sector tech reform rather than helping it
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day attacks…