← Latest brief

Security news.

·Morning Brief

Today's security landscape highlights significant data breaches, critical vulnerabilities, and ongoing concerns around AI security. Multiple organizations reported breaches impacting millions of users, while new flaws in Linux and Microsoft Defender were patched. The potential for AI to be exploited in attacks, from gaining access to cloud environments to influencing coding agents, remains a prominent theme.

SECURITYWEEKBREACH
3h agoREAD

12 Million Impacted by Data Breach at Japanese Telco KDDI

Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system, impacting 12 million users.

BLEEPINGBREACH
7h agoREAD

AssuranceAmerica Data Breach Exposes Records of 6.9 Million Drivers

American insurance company AssuranceAmerica disclosed a data breach impacting nearly 7 million drivers after attackers accessed its systems earlier this year.

SECURITYWEEKVULN
3h agoREAD

15-Year-Old Linux Vulnerability ‘GhostLock’ Allows Root Access

A Linux kernel vulnerability, dubbed 'GhostLock,' affecting every major distribution since 2011, allows attackers to gain root access and earned researchers $92k from Google.

SECURITYWEEKPATCH
5h agoREAD

Microsoft Patches Defender ‘RoguePlanet’ Privilege Escalation Vulnerability

Microsoft released security updates for a Defender vulnerability, CVE-2026-50656, known as RoguePlanet, which is a privilege escalation issue in the Microsoft Malware Protection Engine.

THNRANSOMWARE
4h agoREAD

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

A new ransomware family, GodDamn, employs the PoisonX kernel driver to neutralize security software and has been observed targeting US companies, potentially using a Microsoft-signed malicious driver.

DARK READING
2h agoREAD

AI Gateways Offer Attackers Keys to the Kingdom

A cryptomining incident highlighted how AI gateways can provide attackers access to AI models, cloud infrastructure, and identity and access management (IAM) data.

SECURITYWEEK
6h agoREAD

AI Coding Tools Tricked Into Hacking Developer Machine via 'GhostApproval'

Researchers disclosed 'GhostApproval,' a new attack method where AI coding assistants can be tricked into writing to sensitive files, taking control of a developer's computer.

DARK READINGBREACH
19h agoREAD

Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours

An attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to breach an AWS cloud environment within 72 hours, extorting a large Amazon customer.

Generated twice daily from public security RSS feeds. Informational only.