16+ min ago  (340+ words) Introduced by Anthropic in late 2024, MCP acts as the plugin architecture for agentic AI. If your team isn't scanning for, mapping or monitoring for MCP risks, you have a blind spot that grows every time a developer installs a new…...

1+ hour, 19+ min ago  (960+ words) Penetration tests of AI-based systems are revealing a greater percentage of high-risk flaws than those discovered in legacy systems. Security consultancy Cobalt's annual State of Pentesting Report reveals that 32% of all AI and large language model (LLM) findings are rated as…...

9+ hour, 1+ min ago  (321+ words) Palo Alto Networks warns that a critical zero-day vulnerability has been discovered in the PAN-OS firewall system. The vulnerability has already been exploited by suspected state-sponsored hackers for nearly a month, reports Bleeping Computer. The vulnerability, CVE-2026-0300, is located in…...

10+ hour, 6+ min ago  (432+ words) Thirteen critical vulnerabilities have been found in the vm2 Java Script sandbox package that could allow an attacker's code to escape the container and do nasty things to IT environments. As a result, developers using this library in their applications are…...

13+ hour, 5+ min ago  (450+ words) A critical vulnerability in Ollama poses a direct risk of sensitive information leaks to more than 300, 000 internet-exposed servers, researchers have found. The flaw, tracked as CVE-2026-7482, stems from an out-of-bounds heap read in Ollama's model quantization pipeline. Ollama is one…...

1+ day, 7+ hour ago  (733+ words) Enterprises migrating between SIEM platforms often have to manually rewrite detection rules because vendors such as Splunk, Microsoft Sentinel, IBM QRadar, and Google Chronicle use different query languages and data models. Researchers now say AI may be able to automate…...

1+ day, 1+ hour ago  (377+ words) Palo Alto Networks is warning customers about a critical buffer overflow vulnerability affecting its PAN-OS user-ID authentication portal that is already being exploited in the wild. The flaw allows attackers to execute arbitrary code with root privileges on exposed firewalls,…...

1+ day, 7+ hour ago  (802+ words) The Center for AI Standards and Innovation (CAISI), a division of the US Department of Commerce, has signed agreements with Google Deep Mind, Microsoft, and x AI that would give the agency the ability to vet AI models from these…...

3+ day, 15+ hour ago  (131+ words) The irony of shadow IT isn't how an app, a browser extension, or a cloud service entered the environment. It's whether IT still has visibility into it and any ability to control what it's doing." Observability that reveals hidden systems…...

1+ day, 22+ hour ago  (574+ words) Attackers have found a new way to turn Linux systems into stealthy supply chain distribution hubs that are resistant to takedowns. Researchers from Trend Micro have disclosed a new malware framework, dubbed Quasar Linux or QLNX, describing it as a…...