Tropical Blend: Cyber & Politics Ramp Up Across Latin America
China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests.
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's…
Cyber Insurance Rates Are Dropping, but Exclusions Widen
Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix.
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. [...]
Grep this: Microsoft grafts (most) Linux commands onto Windows
Coreutils serves over 75 Unix commands in Windows and PowerShell command lines
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and dat…
NAN124: AI and Trust in Modern Network Automation
Sif Baksh joins Eric Chou to share his professional experience and resources to help engineers get their arms around using AI in network automation. They discuss practical advantag…
Ring gets buzzed by class action for collecting visitors' faces without consent
The latest in a series of raised eyebrows over Familiar Faces and other AI ventures
Coralogix Raises $200M at $1.6B Valuation to Scale AI Observability Platform
Coralogix offers a full-stack observability platform that unifies logs, metrics, traces, security, and AI observability. The post Coralogix Raises $200M at $1.6B Valuation to Scale…
TCG077: News Roundtable: Data Center Backlash and the AI Chip War
William and Eyvonne discuss recent tech news, including the growing political and community opposition to AI data centers driven by fears over power and water usage. They also anal…
No longer just a Copilot, Microsoft's AI wants to take the wheel
Always-on agent promises to keep work moving, provided you trust it with practically everything
Google DoubleClick Abused in New Malspam Campaign to Deliver .NET Loader
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver an unidentified .NET-…
Intel bit off more than it could chew with 18A process node
CFO Zinsner insists the troubled node was a one-off as 14A stays on track
Enterprise Spotlight: Rethinking cloud strategy in the age of AI
Cloud computing has reached a crossroads. The high cost and data sensitivity of AI workloads are raising the appeal of private clouds, even as neoclouds and sovereign clouds shake …
What is Cisco Cloud Control and why should customers care?
As is typical of Cisco, the company made several product announcements at its flagship event, Cisco Live. The most significant product announcement is Cisco Cloud Control, which re…
Don’t repeat 5G mistakes with 6G, plead mobile operators
NGMN wants a clear migration path before next-gen network rollouts begin
CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. [...]
Will Broadcom’s VMware strategy keep paying big dividends?
Four years ago, when Broadcom announced plans to buy VMware, analysts recommended that enterprises start looking for an exit strategy based on Broadcom’s less-than-stellar track re…
The tech that could make Marvell the next trillion dollar company
CU later, rivals? That's if Broadzilla doesn't eat its lunch first
AI agents can now manipulate your organization. Are you ready?
SPONSORED POST: Agents with hands require a hands-on policy
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps. Any …
Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures
Researchers follow in Nightmare Eclipse’s footsteps, flipping off Redmond in favor of insta-leaks
What 345 Days of Untested Exposure Looks Like at a Bank
A two-week penetration test can leave roughly 345 days of real-world exposure unvalidated. Sprocket Security explores why continuous testing is becoming critical as attack surfaces…
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found b…
Microsoft Build: Surface RTX Spark Dev Box, Coreutils for Windows, air-gapped GitHub and more
Execution Containers provide safe environment for running AI agents, while Windows Developer Config aims to make Windows less unpleasant for developers
Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs
Threat actors are exploiting vulnerable Kirki and Burst Statistics deployments to elevate privileges and take over websites. The post Kirki, Burst Statistics WordPress Plugin Flaws…
Security of 100 AI Agents Tested and Ranked – What You Need to Know
The AI Risk Quadrant evaluates AI agents based on three factors: how vulnerable they are to compromise, the potential impact of a breach, and the strength of their security defense…
Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token. "Just by clicking a l…
Listen up, England. The Health Secretary is going to be data controller for everyone's Single Patient Record
No, public bucket policy doesn't mean everyone gets a bucket for themselves. Please let Tech do it. Don't go into Settings... NOOOOOO!
Hackers Target Global Stock Exchange in Espionage Operation
The attackers had access to a senior executive’s email account for 150 days and exfiltrated data for months. The post Hackers Target Global Stock Exchange in Espionage Operation ap…