80 matches found
Microsoft Azure Machine Learning 注入漏洞
Microsoft Azure Machine Learning is a machine learning service provided by Microsoft Corporation in the United States. There is an injection vulnerability present in Microsoft Azure Machine Learning. Attackers utilize this vulnerability to carry out phishing attacks...
Evaluating the Reliability of Multiple Large Language Models in Risk Assessment: A CIS Controls Based Approach
Proper implementation of technical and administrative controls reinforces an organization's cybersecurity posture and business resilience, reduces risks, and enhances governance, ultimately elevating business maturity. The dynamics of the technological landscape and emerging threats negatively...
Mythos: An AI tool too powerful for public release
Anthropic’s most capable model to date, Claude Mythos Preview aka Mythos, has been described as a “step change” in AI performance, especially on cybersecurity tasks. Anthropic tried to keep Mythos a secret until a few weeks ago, when a data leak revealed the existence of what the company said was...
Cybersecurity Risk Assessment: The Complete Guide for Security Leaders
Most security teams treat risk assessments as a compliance checkbox, a periodic exercise that generates a thick report, collects dust for six months, and then gets repeated. The result? Organizations discover their biggest exposures only after an incident, not before. A cybersecurity risk...
An Agentic Multi-Agent Architecture for Cybersecurity Risk Management
Getting a real cybersecurity risk assessment for a small organization is expensive -- a NIST CSF-aligned engagement runs $15,000 on the low end, takes weeks, and depends on practitioners who are genuinely scarce. Most small companies skip it entirely. We built a six-agent AI system where each age...
Henry IV, Hotspur, Hal, and hallucinations
Welcome to this week's edition of the Threat Source newsletter. " 'Tis dangerous to take a cold, to sleep, to drink; but I tell you, my lord fool, out of this nettle, danger, we pluck this flower, safety." - Hotspur, Shakespeare's Henry IV, Part 1: Act 2 Scene 3 I get it. Hotspur is the...
Assessing Spear-Phishing Website Generation in Large Language Model Coding Agents
Large Language Models are expanding beyond being a tool humans use and into independent agents that can observe an environment, reason about solutions to problems, make changes that impact those environments, and understand how their actions impacted their environment. One of the most common...
It’s not personal, it’s just business
Welcome to this week's edition of the Threat Source newsletter. This week, we explore how advances in agentic AI are rapidly transforming the cyber crime business. Agentic AI programming gives AI agents autonomy, allowing them to interact with external systems to collect information, make decisio...
EUVD-2025-95307
Malicious code in rina-kacang15-breki npm...
EUVD-2020-30308
Malware in sbrugna...
EUVD-2021-15123
Malware in sbrugna...
EUVD-2018-10169
Malware in sbrugna...
EUVD-2018-15786
Malware in sbrugna...
EUVD-2020-9021
Malware in sbrugna...
EUVD-2017-15209
Malware in sbrugna...
EUVD-2019-12501
Malware in sbrugna...
EUVD-2024-39557
Malicious code in bioql PyPI...
Malicious code in @sellerly-kit/theme-sellerly (npm)
The package @sellerly-kit/theme-sellerly was found to contain malicious code...
PT-2025-28861 · Red Hat +1 · Centos 7 +1
Name of the Vulnerable Software and Affected Versions: Radiflow iSAP Smart Collector CentOS 7 - VSAP 1.20 Description: The Linux distribution underlying the Radiflow iSAP Smart Collector is obsolete and has reached end of life, posing a cybersecurity risk. Any unmitigated vulnerability could be...
Data Breach Reporting for regulatory requirements with Microsoft Data Security Investigations
Seventy-four percent of organizations surveyed experienced at least one data security incident with their business data exposed in the previous year as reported in Microsoft’s Data Security Index: Trends, insights, and strategies to secure data report. Despite the best people, process and...