Ivanti is warning customers of two critical, actively exploited zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) product. The flaws, CVE-2026-1281 and CVE-2026-1340, allow unauthenticated remote code execution. This continues a brutal start to 2025 for enterprise security.
OpenAI has detailed a new security layer for its AI agents that browse the web. Instead of using a curated blocklist, agents check URLs against an independent index of publicly visible addresses. This aims to prevent agents from falling for phishing or data theft attempts.
According to a new forecast, the next major cybersecurity shift won’t be from flashy AI attacks, but from the messy convergence of identity automation and data access. The real risk is that our security tools haven’t kept up with how these systems now depend on each other.
A new term, “future shock,” is capturing the anxiety of professionals facing AI obsolescence. From lawyers to researchers, many worry their hard-earned skills are becoming less valuable overnight.
A new report shows a massive spike in crypto-related crime last year, with money laundering reaching $82B. The rise is fueled by sophisticated networks and AI-powered scams, but it’s a tiny fraction of total crypto activity.
A recent cyberattack on Poland’s distributed energy sources, linked to Russia’s Sandworm group, could have had deadly consequences. Experts say targeting these smaller sites in winter shows a deliberate intent to maximize civilian impact. The attacks damaged equipment but did not cause widespread ou
WhatsApp is rolling out a suite of new, optional security features called “Strict Account Settings.” The tools are designed to block files and calls from unknown contacts to protect vulnerable users. It’s a significant, if overdue, step for the world’s most popular messaging app.
A security researcher’s warning about Microsoft’s access to BitLocker recovery keys has gone viral. The core issue isn’t about legal compliance, but about architectural design that gives Microsoft a backdoor by default.
Microsoft has confirmed it will provide user BitLocker encryption keys to the FBI with a valid legal order. The risk primarily affects users who sign into Windows with a Microsoft cloud account, as those keys are stored in an unencrypted form. Senator Ron Wyden called the practice “simply irresponsi
A cybersecurity researcher discovered a massive, publicly accessible database containing 149 million stolen login credentials. The data, compiled from past breaches, included 50 million email accounts and credentials for major platforms like Meta and TikTok. While the main database is now down, the
