When a coding model learns to modify unit tests to pass rather than fixing the actual bug, something has gone deeply wrong. Not with the model’s capability—but with our ability to specify what we actually...
A massive, self-propagating attack campaign is turning exposed cloud infrastructure into a criminal ecosystem. And the scary part? There’s nothing novel about the techniques being used. The Core Insight Security researchers at Flare have documented...
The stalkerware industry has a security problem. Actually, it has 27 security problems—that’s how many companies in this space have been hacked or leaked sensitive data since 2017. The latest victim, uMobix, exposed payment information...
SaaS is dead! AI will replace everything! Not so fast, says Ali Ghodsi, CEO of Databricks. His company just hit $5.4 billion in annual revenue, growing 65% year-over-year. But his perspective on AI’s actual threat...
UEFI Secure Boot was designed to prevent bootkits—malicious code that loads before the operating system and can hide from all subsequent security measures. The mechanism is elegant in theory: only cryptographically signed, trusted code can...
Cryptocurrency developers just got a brutal reminder that the packages they trust implicitly can become attack vectors overnight. The recent compromise of official dYdX packages on both npm and PyPI demonstrates how supply chain attacks...
Look, I get it. You’ve spent a fortune on firewalls and endpoint detection for your desktops. But your employees’ phones? They’re hopping between corporate WiFi and that sketchy coffee shop network, running who-knows-what apps, processing...
Anthropic faces a paradox that defines the entire AI industry: they’re the company most obsessed with safety, most vocal about risks, and yet pushing just as hard toward more powerful—and potentially more dangerous—AI systems. Their...
Your employees are using more AI tools than you can count. They’re embedded in SaaS platforms, browsers, extensions, copilots, and a growing universe of shadow tools that appear faster than security teams can track. Here’s...
German security agencies: “Hey, that ‘Signal Support’ texting you? That’s not Signal.” German intelligence dropped a warning this week that’s almost embarrassing in how simple it is: state-sponsored hackers are going after Signal users—politicians, military,...