Aggregated from vendor advisories, security research, and industry publications.
Red Hat on Tuesday opened its Ansible Automation Platform to AI agents while adding new controls intended to keep them under tight control. The company made its Model Context Protocol (MCP) server for Ansible generally available, allowing any AI tool to access the platform, and it introduced a new automation orchestrator, in technology preview, that routes actions through human-approved, determini…
Launch of Musk's monster rocket could be in May
A tokenizer library file present in Hugging Face AI models can be manipulated to hijack the model's outputs and exfiltrate data.
CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities in development. The post Free OnlyFans Lure Used to Spr…
Former franchise operators claim telco unfairly cut commission and other payments
The company that operates online learning system Canvas said it struck a deal with hackers to delete the data they pilfered in a cyberattack that created chaos for students, many o…
Tech firm's employees can get an 'admin' role letting them into the National Data Integration Tenant... and its identifiable information
The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware. The post West Pharmaceutical Services Hit by Disruptive Ransomware…
Think tank warns outsider access to powerful models is governed by patchy controls and a hope nobody dangerous gets in
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed …
The tech giant has also ported the patch for a recent deleted chats recovery issue to older versions of iOS. The post Apple Patches Dozens of Vulnerabilities in macOS, iOS appeared…
The flaws could allow attackers to inject malicious code, leading to information disclosure and code execution. The post SAP Patches Critical S/4HANA, Commerce Vulnerabilities appe…
Understanding that enterprise migrations can be structurally complicated, costly, and constrained in certain environments, many software and cloud providers offer extended maintena…
Red Hat is attempting to reposition sovereignty from a compliance issue for European companies to a global strategic priority for enterprises, including US firms, who want more con…
Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code
Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dange…
Mozilla claims the Digital Markets Act delivered lasting bump, invites Britain to do similar
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]
Curl’s lead developer says Mythos claims are marketing, but many in the industry believe the results stem from Curl’s robust security. The post Claude Mythos Finds Only One Curl Vu…
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.
This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 20…
SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in the Commerce Cloud enterprise-grade e-commerc…
Many AI-first enterprises have already embraced sovereign architectures for general AI initiatives; cybersecurity—and the SOC—should be next. The post Is the SOC Obsolete, and We J…
It looks like you're trying to get more Microsoft 365 users to engage with your assistant. Would you like help?
Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful…
Customers left staring at restart plea with no keyboard, mouse, or hope
Over 400 malicious versions of 170 packages were published as part of the new Mini Shai-Hulud campaign. The post TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack appea…
After years of stopping dead at the green bubble border, iPhone and Android users can finally send E2EE messages without relying on third-party apps
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" with the ShinyHunters extortion group to prevent the dat…
Device delivers smoother streaming and simpler interaction, elevating home entertainment