Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is racing to fix trust in AI-built software - here's how ...
Microsoft

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

CTI-REALM is Microsoft’s open-source benchmark that evaluates AI agents on real-world detection engineering. It measures whether an agent can take cyber threat intelligence (CTI) and produce validated ...
SecurityWeek

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.

Ex-data analyst stole company data in $2.5M extortion scheme

A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data ...
Infosecurity Magazine

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Sysdig cited figures from the Zero Day Clock initiative which revealed that median time-to-exploit (TTE) collapsed from 771 ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...