#runtime-threat-detection

#runtime-threat-detection

The Independent provides critical journalism on key issues without paywalls, emphasizing the importance of accessible reporting.

The U.S. must adopt new AI capabilities to counter the growing threat of unmanned drones used by foreign adversaries.

Lovable faced criticism for a vulnerability that exposed users' sensitive data, including source code and chat history, due to insufficient access controls.

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.

MTTR is impacted by structural issues in threat intelligence integration, not just analyst availability.

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

Threat actors are exploiting QEMU for ransomware and remote access tool deployment, with increased activity observed since late 2025.

A ClickFix campaign targets macOS users with an AppleScript infostealer that collects sensitive data from various browsers and cryptocurrency wallets.

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.

AI-enhanced forensic accounting is essential for detecting financial fraud and payment manipulation in automated financial systems vulnerable to sophisticated, AI-driven attacks.

Capability without control in AI agents creates vulnerabilities, necessitating a structured control architecture for safe deployment.

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.

Aikido Endpoint protects developers' endpoints from supply chain attacks by blocking high-risk installations before they reach the system.

Vercel confirmed a data breach caused by a third-party AI tool used by an employee, impacting a limited subset of customers.

Hackers exploit Android's overlay feature to capture PINs and monitor user interactions across over 800 apps using banking trojans.

Cyber incidents are increasing claims in the insurance industry despite decreasing premiums, indicating a more active risk environment.

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

A 17-year-old critical Excel vulnerability is actively being exploited, prompting CISA to issue a patch deadline for federal agencies.

Mallory provides an AI-native threat intelligence platform that delivers actionable insights for enterprise security teams, focusing on real threats and vulnerabilities.

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

Combining Zero Trust principles with AI enhances resilience, reduces downtime, and maintains strict access controls.

AI is transforming cybercrime by enabling personalized phishing, deepfakes, and malware that evade traditional security measures.

Cybercrime has industrialized to exploit vulnerabilities faster than defenders can predict and patch, requiring a shift from predictive to preemptive security strategies.

Attackers deliberately overwhelm SOC analysts with high-volume phishing campaigns to delay investigations and create windows for successful breaches, making analyst capacity a critical vulnerability.