How a Brute Force Attack Unmasked a Ransomware Infrastructure Network

A routine RDP brute-force alert led to unusual credential hunting and a geo-distributed VPN-linked infrastructure. Huntress ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

OpenZeppelin finds data contamination in OpenAI’s EVMbench

OpenZeppelin questioned OpenAI’s recent EVMbench results after finding that the AI models were likely exposed to ...
Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

Oasis Security Research Team Discovers Critical Vulnerability in OpenClaw

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in OpenClaw that allows any website to silently take full control of a developer's AI ...
Cloud Security Alliance

Securing the Modern Cloud: 5 Best Practices for Protecting Multi-Cloud Workloads

Guidance on securing cloud workloads across multi-cloud environments with continuous vulnerability management, agentless scanning, build-to-runtime security, and automated compliance.