Security - News Articles

Microsoft Fixes Critical Authentication Flaw Exposing Entra ID Tenants

Sep 20, 2025

darkreading

A critical Microsoft authentication vulnerability that could have compromised all Entra ID tenants due to an Azure AD Graph API flaw involving undocumented 'Actor tokens' has been fixed, highlighting security concerns around Microsoft's identity and access management stack.

Security Cybersecurity

Massive Supply Chain Attack 'Shai-Hulud' Compromises 500 npm Packages, Stealing Credentials

Sep 19, 2025

Socket

Breaking news: Massive 'Shai-Hulud' supply chain attack compromises nearly 500 npm packages, stealing credentials and spreading through modified packages, requiring developers to uninstall affected versions, rotate secrets, and monitor for suspicious activity.

Security Cybersecurity

Google Unveils Agent Payments Protocol, Collaborates with Industry Leaders

Sep 17, 2025

Google Cloud Blog

Google introduces the Agent Payments Protocol, an open framework enabling secure agent-led transactions across platforms, collaborating with industry giants like Adyen, American Express, Mastercard, PayPal, and Salesforce to shape the future of agentic payments.

Autonomous Systems Finance Security

Researchers Uncover 'Lies-in-the-Loop' Attack Compromising AI Coding Agents

Sep 16, 2025

darkreading

Breaking news: Researchers expose a 'lies-in-the-loop' attack compromising AI coding agents like Anthropic's Claude Code, tricking the AI into approving dangerous actions through deception, highlighting risks of software supply chain attacks by manipulating AI coding tools.

Security Software Engineering Trust Ethics

JFrog Unleashes AI-Powered Software Supply Chain Solutions

Sep 12, 2025

SiliconANGLE

JFrog unleashes revolutionary AI-powered software supply chain solutions, including JFrog Fly for accelerated AI-driven delivery, JFrog AppTrust for AI software governance and compliance, and JFrog AI Catalog, transforming the industry with cutting-edge AI integration.

DevOps Artificial Intelligence Software Development Security Compliance

F5 Acquires CalypsoAI for $180M, Bolstering AI Security Offerings

Sep 12, 2025

GeekWire

F5 acquires CalypsoAI for $180 million, strengthening its AI security offerings with CalypsoAI's real-time threat defense and data security products for AI workloads; the cash-financed deal is expected to close this month.

Security Generative AI Data Analytics Privacy Finance

Ex-WhatsApp Security Chief Sues Meta Over Alleged Flaws, Retaliation

Sep 10, 2025

CNBC

In a high-stakes legal battle, Meta faces a lawsuit from its former WhatsApp security chief alleging serious security vulnerabilities and retaliation for raising concerns, while Meta contests the claims and his significance.

Security Privacy Legal Social Media

Experts Raise Alarms on AI Risks, Advocate Oversight and Ethical Guardrails

Sep 10, 2025

Harvard Gazette

Scholars sound alarms on AI risks like scams and collusion, advocating oversight, ethical guardrails, and pluralism to complement rather than replace human intelligence.

Ethics Privacy Healthcare Mental Health Security

Malicious Images Exploit AI to Hijack Devices, Leak Data

Sep 10, 2025

Scientific American

Researchers reveal a concerning vulnerability where seemingly normal images can contain hidden malicious code exploiting AI agents on user devices, allowing attackers to hijack systems, leak personal data, and spread malware through manipulated pixels undetectable to humans.

Security Privacy Computer Vision Surveillance

Hackers Threaten AI Data Poisoning with Stolen Artwork for Ransom

Sep 09, 2025

POLITICO

Hackers from the LunaLock ransomware group threaten to poison AI training data with stolen artwork unless ransom demands are met, prompting artists to use tools like Glaze and Nightside to protect their creations from exploitation.

Security Art Privacy Generative AI