Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...

Inside SearchGuard: How Google detects bots and what the SerpAPI lawsuit reveals

We fully decrypted SearchGuard, the anti-bot system protecting Google Search. Here's exactly how Google tells humans and bots ...

Claude Code: Anthropic’s wildly popular AI coding app

Engineers and noncoders alike are helping the app go viral ...

JavaScript Sandbox vm2: Critical Vulnerability Allows Escape

The JavaScript sandbox vm2 for Node.js was actually discontinued. Now an update closes a critical security vulnerability.
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...

AI and Security: Zero-day exploits through AI are already a reality

AIs can create complex zero-day exploits. The consequence: The search for security vulnerabilities is successfully industrialized and scaled.

A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'

And it's 'not unique to AWS,' researcher tells The Reg A critical misconfiguration in AWS's CodeBuild service allowed ...
Network World

Startup IO River aims to virtualize the edge and break CDN vendor lock-in

Former Akamai engineers are behind startup IO River, which is developing an edge platform that creates a virtualization layer ...
Dark Reading

AI Agents Undermine Progress in Browser Security

Over three decades, the companies behind Web browsers have created a security stack to protect against abuses. Agentic browsers are undoing all that work.
Opinion

IBM's AI agent Bob easily duped to run malware, researchers show

Prompt injection lets risky commands slip past guardrails IBM describes its coding agent thus: "Bob is your AI software development partner that understands your intent, repo, and security standards." ...