research

23 ClawHub plugins squatting official scopes expose AI registry security gaps

2026-06-22 at 11:00 By Help Net Security Plugin registries for AI agents use npm-style scopes like @openclaw/ and @clawhub/ to signal who published a package. But on ClawHub, a registry whose plugins run with Claude, OpenClaw, and other agents, those official scopes weren’t reserved […]

Encrypted DNS still tells an eavesdropper where to look

2026-06-22 at 08:00 By Mirko Zorz Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone watching a network link. The encryption covers the message inside each packet. The packet still carries plaintext

Your browser tab could become encrypted storage for someone else’s files

2026-06-19 at 08:30 By Mirko Zorz Decentralized storage networks already hand pieces of people’s data to strangers’ machines. The lasting question across these networks is whether the machine holding the data can read it. A research paper by Gregory Magarshak, a professor at IENYC,

Grayscale applies traditional finance models to AAVE, sees $175 value

2026-06-18 at 12:45 By Ezra Reguerra Grayscale and CoinShares are applying traditional valuation techniques to crypto assets as institutions explore revenue-generating DeFi protocols. This article is an excerpt from Cointelegraph.com News.

GentleKiller targets more than 400 security processes across 48 products

2026-06-18 at 12:00 By Anamarija Pogorelec Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR)

What happens to oversight when AI agents write a lab’s own code

2026-06-18 at 08:00 By Mirko Zorz Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure,

Low-skilled attacker used Claude, Codex to breach 14 companies

2026-06-17 at 18:43 By Zeljka Zorz Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that out. After recovering and analyzing over 1,000 agent sessions from a compromised server

The checklist problem behind critical infrastructure cyber safety

2026-06-17 at 07:00 By Anamarija Pogorelec An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care for

Planning a trip? Fake travel sites are multiplying this summer

2026-06-16 at 11:27 By Sinisa Markovic Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than doubled its

A hardware neural network backdoor that hides in plain sight

2026-06-15 at 08:00 By Mirko Zorz Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these systems the speed and low power consumption that edge applications need. Many of these chips

Proving what a military AI model will do is the real problem

2026-06-15 at 07:30 By Sinisa Markovic Defense contractors build AI systems that task drones automatically and propose kill-chains to support soldiers. Several of these contractors have partnered with frontier AI companies to put advanced models into military tools. Anduril works with OpenAI, Palantir

The assembly line behind 1.5 million malicious domains

2026-06-12 at 11:07 By Anamarija Pogorelec Attackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars,

Making the cloud prove it followed your privacy wishes

2026-06-11 at 08:43 By Sinisa Markovic Making companies that store personal data in cloud key-value databases handle deletion requests by running the operation and confirming the job is complete. The people making those requests and the regulators overseeing them have had limited means to confirm the

Every set of AI guardrails can be broken by the right prompt

2026-06-10 at 11:31 By Mirko Zorz Companies that build AI systems wrap them in guardrails meant to block harmful output, including deepfakes, malware, and instructions for making biological weapons or illicit drugs. When a user prompts the system for such content, the guardrails

The security in smartphones is helping send them to landfills

2026-06-10 at 09:55 By Mirko Zorz Billions of working smartphones reach the end of their service lives each year and move into drawers, recycling streams, and waste piles. The WEEE Forum estimated that 5.3 billion mobile phones became electronic waste in 2022. Many of these

Malware ships with bugs that defenders could use against it

2026-06-09 at 08:46 By Anamarija Pogorelec Static analysis tools have spent years scanning legitimate software for security bugs before it goes out the door. The same scanners work on malware, and malware carries a steady supply of its own bugs. Researchers ran four of these

OAuth marketplace apps keep access after publishers vanish

2026-06-04 at 16:06 By Mirko Zorz Installing an app from the Google Workspace Marketplace or GitHub Marketplace can grant a third party access to company email, files, calendars, code repositories, CI workflows, organization settings, and secrets. Marketplace presence gives these apps the appearance of approval. The OAuth

Autonomous AI-driven worm can reason its way through corporate networks

2026-06-03 at 20:20 By Zeljka Zorz Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters,

Only 11% of production agents pass the AI agent security bar

2026-06-03 at 14:00 By Mirko Zorz Enterprise teams are running AI agents that write code, drive browsers, answer customer calls, manage cloud infrastructure, and query data warehouses with standing credentials. A new independent assessment of 100 production agents finds that nearly all of them

This AI model backdoor attack stays hidden until you customize the model

2026-06-02 at 09:09 By Anamarija Pogorelec Most teams that deploy AI start with a backbone model. They download a large pre-trained system, adapt it to a specific task, and put it into production. The download step carries a security question: the origin of