Top Stories by Impact
When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps
Yesterday · 14:20 UTC
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations…
Read full article →Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
12 May 2026 · 15:00 UTC
Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetect…
Read full article →Kazuar: Anatomy of a nation-state botnet
Yesterday · 15:00 UTC
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of es…
Read full article →Kazuar: Anatomy of a nation-state botnet
Yesterday · 15:00 UTC
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of es…
Read full article →Cybersecurity
AI & Technology
Vendor Security
Microsoft Security
When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps
CriticalYesterday · 14:20 UTC
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations lead to RCE and data leaks. The post Whe…
Read full article →Kazuar: Anatomy of a nation-state botnet
HighYesterday · 15:00 UTC
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations. Over time, K…
Read full article →Defense in depth for autonomous AI agents
Yesterday · 16:00 UTC
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. The post Defense in depth for autonomous AI agents appeared first on Microsoft Securit…
Read full article →Microsoft Threat Intel
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
High12 May 2026 · 15:00 UTC
Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetected demonstrating that intrusions have in…
Read full article →Kazuar: Anatomy of a nation-state botnet
HighYesterday · 15:00 UTC
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations. Over time, K…
Read full article →OpenAI News
Helping ChatGPT better recognize context in sensitive conversations
Yesterday · 00:00 UTC
Learn how new ChatGPT safety updates improve context awareness in sensitive conversations, helping detect risk over time and respond more safely.
Read full article →Sea's View on the Future of Agentic Software Development with Codex
Yesterday · 20:30 UTC
Sea Limited's CPO explains why the company is deploying Codex across engineering teams to accelerate AI-native software development in Asia.
Read full article →Work with Codex from anywhere
Yesterday · 13:00 UTC
Use Codex anywhere with the ChatGPT mobile app. Monitor, steer, and approve coding tasks in real time across devices and remote environments.
Read full article →AWS Security
Detecting and preventing crypto mining in your AWS environment
13 May 2026 · 21:47 UTC
This article guides you on how to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your Amazon Web Services (AWS) environment. You’ll learn about the specialized detection capabilities of Gu…
Read full article →Regional routing for AWS access portals: Implementing custom vanity domains for IAM Identity Center
Yesterday · 20:42 UTC
AWS IAM Identity Center provides a web-based access portal that gives your workforce a single place to view their AWS accounts and applications. With the recent launch of IAM Identity Center multi-Region replication, cus…
Read full article →Automating post-quantum cryptography readiness using AWS Config
Yesterday · 16:18 UTC
Migrating your TLS endpoints to Post-quantum cryptography (PQC) starts with understanding your current TLS endpoint inventory and posture. This post introduces the PQC Readiness Scanner — an automated tool that inventori…
Read full article →Palo Alto Unit 42
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
Today · 10:00 UTC
Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromise data. The post Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With…
Read full article →