With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections. Unlike direct prompt injections, where… Read More "Mitigating prompt injection attacks with a layered defense strategy"
Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of… Read More "Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621"
Being seen as reliable is good for ‘business’ and ransomware groups care about ‘brand reputation’ just as much as their victims 11 Dec 2025 • , 4 min. read Black Hat Europe 2025 opened with a presentation by Max Smeets… Read More "Reputation is currency – even in the ransomware economy"
The UK government has sanctioned a network of individuals and organizations allegedly linked to scam compounds in Southeast Asia. Across Southeast Asia, scam centers are using sophisticated schemes, including romance scams, to defraud victims on an industrial scale. The latest action by the UK government,… Read More "UK Cracks Down on Chinese Crypto Marketplace for Funding Scam Hubs"
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and… Read More "Advancing Protection in Chrome on Android"
Ravie LakshmananApr 12, 2026Malware / Threat Intelligence Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and… Read More "CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads"
The AI agents many organizations have begun deploying to automate complex business and operational workflows can be quietly turned against them if not properly configured with the right permissions. Recent research by Palo Alto Networks has shown how the risk… Read More "Google’s Vertex AI Is Over-Privileged. That’s a Problem"
Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found 12 Dec 2025 • , 3 min. read “A City of a Thousand Zero Days” is the partial title of a talk at… Read More "Was that device designed to be on the internet at all?"
Advances in quantum computing could render traditional encryption methods obsolete by 2029, Google has warned. Quantum computing will use quantum mechanics to solve problems which today’s traditional binary computers simply can’t understand. The technology has the potential to revolutionize scientific… Read More "Google: Quantum Computing Threat to Encryption Is Closer Than Expected"
Today we’re excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid… Read More "Open Source, Rebuilt to Last"
