Hidden prompts in Google Calendar events can trick Gemini AI into executing malicious commands via indirect prompt injection.
Organizations that don’t adapt their security programs as they implement AI run the risk of being exposed to a variety of threats, both old and emerging ones. MLSecOps addresses...
LudusHound is an open-source tool that takes BloodHound data and uses it to set up a working Ludus Range for safe testing. It creates a copy of an Active...
Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place in DARPA’s AI Cyber...
Obot MCP Gateway is a free, open-source gateway that enables IT organizations to securely manage and scale adoption of Model Context Protocol (MCP) servers. MCPs are becoming the standard...
Flow monitoring tools are useful for tracking traffic patterns, planning capacity, and spotting threats. But many off-the-shelf solutions come with steep licensing costs and hardware demands, especially if you...
EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security professionals practice spotting and...
SonicWall and other threat researchers are investigating the ongoing incidents. It’s unknown yet whether this is a new or established vulnerability.
Dia, an AI-powered browser from The Browser Company, launches a $20 Pro plan billed as “unlimited” AI access, but subject to Terms that can curb heavy use.
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows...
