Content Paint
Search
Sign in
Membership

Security

 |  Security  | Jul 26, 2025
AWS zero day exploited to access codebase for its AI assistant
AWS CodeBuild vulnerability CVE-2025-8217 exploited

AWS has now "included additional protections against memory dumps within container builds..."

Security  | Jul 25, 2025
“Invisible to EDR”: Hackers are gaining deep VMware persistence
vmware persistence hackers

"The core vulnerability is a help desk process that lacks robust, non-transferable identity verification for password resets..."

Security  | Jul 23, 2025
FBI, CISA advise Interlock ransomware "drive-by" vigilance
A car moves at speed along a road, the road and streets around it are blurred while the white car is in focus. The FBI and CISA released a joint advisory on the Interlock ransomware group

Interlock is known for using "double extortion methods" to encrypt and exfiltrate data.

 |  Security  | Jul 22, 2025
UK told to keep ransomware payments ban clear and supportive
A person holds up glasses fogged by water. The UK government was told to keep a proposed ransomware payments ban clear in scope

Insurers and vendors alike call for clarity on who would be affected, and what reporting mandates will look like.

 |  Security  | Jul 22, 2025
Google uses AI tools to limit open source supply chain attacks
A person uses an old viking shield to block someone with a sword. Google's OSS Rebuild platform uses AI to enhance open source security

Google's new open source platform will shield popular dependencies with automations and data visibility tools.

Security  | Jul 20, 2025
SharePoint zero day under mass attack: Microsoft scrambles to patch CVE-2025-53770.
SharePoint zero day under mass attack: Microsoft scrambles to patch CVE-2025-53770.

"A modern zero-day chain with automatic shell drop, full persistence, and zero authentication"

 |  Security  | Jul 18, 2025
NVIDIAScape: Critical NVIDIA bug poses “systemic risk to the AI ecosystem”, gives root
NVIDIAScape: Critical NVIDIA bug CVE-2025-23266

Too exotic for cybercriminals? Unlikely. Kubernetes malware spotted escaping Windows containers in 2021 and LangFlow seen exploited this year.

Security  | Jul 17, 2025
NCSC looks to tap fresh blood for Vulnerability Research Initiative, explore AI use
NCSC looks to tap fresh blood for Vulnerability Research Initiative, explore AI use

The UK’s National Cyber Security Centre (NCSC) is keen to bring in fresh blood to its Vulnerability Research Initiative, including across AI.  Contrary to a flurry of press releases from excited cybersecurity vendors hitting The Stack’s inbox this week, the VRI is not new and has been running

 |  Security  | Jul 16, 2025
Salt Typhoon “extensively” pwned National Guard, beware 3 Cisco bugs, warns Pentagon
Salt Typhoon “extensively” pwned National Guard, beware 3 Cisco bugs, warns Pentagon

"In at least one state, the local Army National Guard unit directly provides network defense services..."

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.