CISA flags VMware Aria Operations RCE flaw as exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

What Supply Chain Attacks Really Want: Your Secrets

Shai Hulud 2.0 serves as a loud confirmation of a pattern that has been building for years. In most modern software supply ...
SecurityWeek

VMware Aria Operations Vulnerability Exploited in the Wild

CVE-2026-22719, a recently patched vulnerability in VMware Aria Operations, has been exploited in the wild, CISA warned.

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers say exploits used by governments to hack into Apple iPhones have been found used by cybercriminals. They ...
Security Boulevard

Shadow AI vs Managed AI: What’s the Difference? – FireTail Blog

Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they ...
Unite.AI

Liat Hayun, SVP Product Management & Research at Tenable – Interview Series

Liat Hayun is the VP of Product and Research at Tenable Cloud Security. Prior to joining Tenable, Liat co-founded and served as CEO of Eureka Security, a data security company that was acquired by ...
Computing

Attackers can steal data using simple AI browser vulnerability

Attackers can leverage vulnerabilities in AI-powered web browsers to access sensitive files and credentials through a simple ...

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal ...

F5 Teams With WWT to Help Customers Accelerate AI Adoption Without Compromising Security

F5 (NASDAQ: FFIV), the global leader in delivering and securing every app and API, today announced enhanced support for WWT’s ...
Dark Reading

Qualcomm Zero-Day Exploited in Targeted Android Attacks

The exploitation of CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or ...
The Hacker News

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...