Communications of the ACM

Safe Coding

Safe coding is a collection of software design practices and patterns that allow for cost-effectively achieving a high degree ...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...
Analytics Insight

What Is Trafficmind and How Does It Stop Bot Attacks

Bot attacks are one of the most common threats you can expect to deal with as you build your site or service. One exposed ...
Security Boulevard

The AI Agent Identity Crisis: 80% of Agents Don’t Properly Identify Themselves, 80% of Sites Don’t Verify

AI agent identity verification fails at both ends. DataDome tested 698,000 sites—80% couldn't detect spoofed ChatGPT traffic. Here's why.

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in ...
Windows Report

Critical Microsoft SCCM Vulnerability Under Active Attack, Warns CISA

CISA confirms active exploitation of CVE-2024-43468 in Microsoft Configuration Manager and urges immediate patching.
DataBreachToday

State Hackers Turn Google AI Into Attack Acceleration Tool

State-backed hackers weaponized Google's artificial intelligence model Gemini to accelerate cyberattacks, using the ...
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.
Windows Report

State-Backed Hackers Weaponize Google Gemini AI for Cyberattacks

Google’s Gemini AI is being used by state-backed hackers for phishing, malware development, and large-scale model extraction attempts.
LBC

China-linked hackers targeting UK infrastructure within days of vulnerabilities being exposed, threat report warns

For example, one China-linked group exploited a SQL injection vulnerability six days after proof-of-concept code was ...
eWeek

Fake AI Chrome Extensions Exposed 260,000 Users, Targeting Gmail

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...
Opinion
The Fast ModeOpinion

As AI Moves from Tool to Infrastructure, the Attack Surface Expands in Every Direction

AI has steadily woven itself into every corner of security, its influence is only beginning to take shape. Identity is expanding beyond people, compliance is becoming part of everyday defense, and the ...