Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
Dark Reading

With Complex Cloud Integrations, Small Errors Lead to Major Compromises

Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.
The Caledonian-Record

Sonatype Firewall Extends Malicious Package Protection to Any Repository

Sonatype ®, the control plane for agentic software development, today expanded Sonatype Firewall protections to help organizations block malicious open source packages ...

Moderne Expands Agent Tools Platform with C# Support for Deterministic .NET Transformation

Moderne, the Agent Tools company for AI-driven software engineering, today announced C# language support across its platform, extending deterministic, large-scale code transformation to .NET codebases ...

Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI

Socket is scaling to defend open source against supply chain attacks as AI accelerates software development. SAN ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...
SecurityWeek

Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate

Novee researchers discovered an account takeover vulnerability in the open source CFP management tool Pretalx.

BrowserAct Open-Sources Two AI-Agent Skills, Giving Agents the Power to Use the Real Web

Then imagine it replying: "Sorry, the website won't let me in." That's the quiet failure mode behind most AI agents today. They can think, but they can't really act on the live web — websites block ...

Politics Insider: Quebec, Alberta share common causes, Smith says

Maura Forrest and Matthew Scace report that, speaking today in Quebec City, Smith said that despite their cultural and ...