Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats
page: 1 2
Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones. More...
Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and ar… More...
Grafana AI Bug Leaks Data With Zero-Click Exploit

Chained Bypasses Exfiltrate Data Via Hidden AI Prompts More...
Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files. More...
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

More...
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm

In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claud… More...
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said. More...
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Li… More...
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns predicated on speed. More...
Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer. More...
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials. More...
Attackers Target Backup Storage to Force Ransom Payment

Object First's Cusimano on Why Backup Storage Is Now a Prime Ransomware Target More...
Critical Flaw in Langflow AI Platform Under Attack

Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to addres… More...
Attackers Hide Infostealer in Copyright Infringement Notices

More...
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up … More...
Autonomous Agent Hacked McKinsey's AI in 2 Hours

More...
Why Stryker's Outage Is a Disaster Recovery Wake-Up Call

More...
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

More...
The picoCTF 2026 competition from Carnegie Mellon University

More...
Russian Threat Actor Sednit Resurfaces With Sophisticated Toolkit

More...
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration03-02 22:17:32

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration More...

page: 1 2
image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Quick Links

Terms
Contact Us
Privacy Policy
Newsletter

Follow Us

This website is powered by
ToucanTech