Ransomware encryption dropped 38% year-over-year. Here’s what replaced it—and why it’s more dangerous. Remember when ransomware meant your files got encrypted and a scary skull appeared on your screen demanding Bitcoin? Those days are fading...
A wake-up call for enterprise mobile device management security The headlines read like a cyber thriller: Dutch authorities, Finnish government agencies, and the European Commission all breached through the same vulnerability. But this isn’t fiction—it’s...
A threat actor with an expanding toolkit is systematically compromising financial institutions and government organizations across Russia and Central Asia. The Core Insight The threat actor known as “Bloody Wolf” (tracked by Kaspersky as “Stan...
This week’s security news reveals a troubling pattern: attackers are increasingly targeting the trust relationships that power modern development and AI ecosystems. From malicious AI skills to supply chain attacks on beloved tools, the threat...
Lilian Weng’s comprehensive analysis of reward hacking in reinforcement learning should be required reading for anyone building or deploying AI systems. As RLHF becomes the de facto alignment method for language models, understanding how agents...
In a twist of poetic justice, a hacktivist has turned the tables on surveillance vendors by scraping half a million payment records from companies that profit from helping people spy on their partners and loved...
When a coding model learns to modify unit tests to pass rather than fixing the actual bug, something has gone deeply wrong. Not with the model’s capability—but with our ability to specify what we actually...
A massive, self-propagating attack campaign is turning exposed cloud infrastructure into a criminal ecosystem. And the scary part? There’s nothing novel about the techniques being used. The Core Insight Security researchers at Flare have documented...
The stalkerware industry has a security problem. Actually, it has 27 security problems—that’s how many companies in this space have been hacked or leaked sensitive data since 2017. The latest victim, uMobix, exposed payment information...
The security landscape this week reveals a clear pattern: attackers are targeting trust—trusted updates, trusted marketplaces, and increasingly, trusted AI workflows. Here’s what matters for anyone building or deploying AI agent systems. The Core Insight...