Norway’s $2 trillion sovereign wealth fund, Microsoft’s eighth-largest shareholder, is challenging the tech giant’s leadership. The fund plans to vote for a human rights risk report against management recommendations and against CEO Satya Nadella’s dual role and compensation package. This sets up a
Threat actors are incorporating large language models into malware to create programs that can rewrite their own code and evade security tools. Google’s Threat Intelligence Group identified several active malware samples using AI, including one that bypassed safety controls by claiming to be part of
Ransomware operators are using M&A deals as their entry point, compromising smaller companies’ SonicWall gear that gets inherited during acquisitions. The attackers are reaching domain controllers in just 9.3 hours on average through unmonitored legacy credentials.
British lawmakers are demanding new economic security legislation as cyber threats mount. A parliamentary report warns current defenses are inadequate against growing risks from foreign investment and AI-powered attacks. The committee cites cyber threats over 100 times in their assessment of nationa
Multiple severe vulnerabilities in the popular Fluent Bit logging tool could allow attackers to hijack cloud environments. The flaws affect authentication, tag processing, and file output plugins, with some issues present for over 8 years. AWS has secured its internal systems and released patched ve
Cybersecurity researchers have uncovered a sophisticated “ClickFix” attack that uses fake Windows Update animations to trick users. The malware is hidden in PNG images using steganography and extracted by a .NET loader that runs 10,000 empty functions to evade detection.
The battle over AI regulation is heating up with former President Trump threatening to block local officials from regulating the technology. Meanwhile, bipartisan federal action remains stalled despite widespread agreement on basic protections. A top Biden tech adviser calls the situation a “huge re
Several major US banking institutions are scrambling to assess data theft after hackers breached financial technology company SitusAMC. The company processes billions of loan documents annually for over a thousand financial clients.
A severe security vulnerability in Oracle Identity Manager is being actively exploited in attacks. The flaw allows unauthenticated attackers to execute arbitrary code and take over systems. CISA has added it to their Known Exploited Vulnerabilities catalog.
Companies are rapidly adopting passwordless authentication, with 92% of CISOs reporting implementation plans. The move addresses both security threats and productivity drains from traditional password systems.
