Three-quarters of organizations have admitted to shipping vulnerable code, as AI risk proliferates in supply chains, according to two new studies out this week. Checkmarx published new data on May 21 showing that 75% of organizations often or sometimes deploy… Read More "Three-Quarters of Firms Knowingly Ship Vulnerable Code, Says Checkmarx"
Ilia Kolochenko, CEO of ImmuniWeb and adjunct professor of cybersecurity practice and cyber law at US-based Capitol Technology University, said the Five Eyes statement “makes perfect sense. However, it should have been sent in late 2023. Today, careless implementation and… Read More "Change your cyber risk strategy to meet AI threats, Five Eyes countries warn CSOs"
GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at the Microsoft-owed software developer platform warned on May… Read More "GitHub Breach Traced to Malicious ‘Nx Console’ VS Code Extension"
Blind spot If there’s a criticism that can be levelled at GitHub over this, it’s that it has taken so long to address a weakness that’s been known about for years. The issue is with GitHub Actions, which allows triggers… Read More "GitHub Actions hardens checkout security to block ‘pwn request’ attacks"
A VPN service used by ransomware operators, fraudsters and data thieves to mask their activity has been taken offline in a coordinated operation led by France and the Netherlands. According to Europol, the law enforcement action ran from May 19… Read More "Cybercriminal VPN Dismantled in Europol Crackdown"
Healthcare organizations (HCO) must embrace AI-powered tools to spot and contain threats faster, or continue to risk potentially fatal consequences for patients, experts have warned. Speaking at Infosecurity Europe on June 4, Cyber Salus CEO, Sher Baig, said HCOs across… Read More "Infosecurity Europe: Reactive Security Is Failing Healthcare, Experts"
The writing is on the wall: artificial intelligence has moved past the experimental phase and has cemented its place as a core component of the modern enterprise stack. For CISOs, the playbook of flat firewall blocking is ineffective—bans don’t halt… Read More "The 2026 Enterprise AI Security Index"
Ravie LakshmananJun 22, 2026Cybersecurity / Hacking It’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control. The… Read More "Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More"
Security must be embedded directly into AI coding tools to mitigate emerging risks associated with agentic development, Ox Security has claimed. Speaking at Infosecurity Europe on June 4, the vendor’s field CTO, Boaz Barzel, explained that traditional application security was built… Read More "AI Coding Tools Need Built-In Security for Agentic Development Era"
As a security analyst, your intake queue has likely been overtaken by requests to approve Claude. While that used to be a straightforward decision, Anthropic’s rapid deployment of agentic utilities, such as Claude Co-Work and Claude Code, has created a… Read More "Governing Excessive Agency in the Anthropic Ecosystem"
