Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
ACTIVE THREATS: ADT confirms data breach after ShinyHunters leak threat • CISA Adds Four Known Exploited Vulnerabilities to Catalog • New Pack2TheRoot flaw gives hackers root Linux access • New BlackFile extortion group linked to surge of vishing attacks • In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device
Latest cybersecurity tools news, analysis, and intelligence.
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of others to find and
Cybersecurity researchers have warned of malicious images pushed to the official "checkmarx/kics" Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alp
Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update
Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks. [...]
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don't fail because of bad technology. They stall be
Microsoft releases emergency updates to fix Windows Server issues
Threat actors are reusing Tycoon 2FA tools across other phishing kits following the platform’s disruption. The post Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks appeared first on SecurityWeek.
AI-powered SOC tools promise automation, but most only speed up triage instead of reducing real workload. Tines shows how real gains come from end-to-end workflows that execute actions across systems, not just summarize alerts. [...]
A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’. The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek.
A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and healthcare sectors. [...]
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
MITRE Releases Fight Fraud Framework
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls a
Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap. [...]
AI-Assisted Supply Chain Attack Targets GitHub
Shadow AI in Healthcare Is Here to Stay
Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius.
OWASP GenAI Security Project Gets Update, New Tools Matrix
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents. In March 2026, the TeamPCP threat act
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain
CISOs are bullish on AI and have big plans to roll out future tools. We talk to Reddit CISO Frederick Lee and leading analyst Dave Gruber about how AI is working out in the real world, as well as its future promise.
There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. "The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocu
A faulty software update led to the exposure of mobile banking users’ transactions to other users of the application. The post Lloyds Data Security Incident Impacts 450,000 Individuals appeared first on SecurityWeek.
Cybersecurity researchers have discovered a remote access toolkit of Russian origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables" to facilita
Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year and
If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated pentesting product, in another. A vulnerability scanner feeding an attack surface management platform somewhere
Shadow AI is quietly spreading across SaaS environments as employees adopt new AI tools without IT oversight. Nudge Security explains how security teams can discover AI apps, monitor usage, and govern risky AI activity. [...]
A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. [...]
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. The following versions of Siemens RUGGEDCOM APE180
SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version. The following versions of Siemen
Meta is introducing new anti-scam protections across its platforms, deploying systems and user-facing warnings to protect users against scammers. [...]
ProjectDiscovery has released Nuclei v3.4, a major update to the open-source vulnerability scanner featuring 2,400 new community-contributed templates, a cloud asset discovery engine, and the first purpose-built templates targeting AI/LLM application security misconfigurations.
A comprehensive independent audit commissioned by the Open Source Security Foundation found that 6 of 8 major password managers—including two market leaders—retain decrypted password vault contents in process memory for longer than necessary, exposing credentials to memory scraping attacks.