AI-SOCs will automate routine tasks and create new specialized roles such as Data Engineer, Agent-Orchestrator, and Model-Trainer, rather than eliminating existing jobs.
15 compromised JetBrains plugins masquerade as AI assistants and steal plaintext API keys over unencrypted HTTP connections to IP address 39.107.60.51.
ScarCruft uses fake Microsoft security alerts to distribute NarwhalRAT, a Python-based malware that operates in memory and communicates with command-and-control servers via compromised websites and pCloud APIs.
A large-scale attack affects at least 74,000 Fortinet firewalls and compromises administrative access to security appliances at the core of enterprise networks.
Ransomware group DragonForce disguises its command-and-control traffic via Microsoft Teams’ TURN protocol and exploits multiple CVEs and kernel exploits to bypass security software.
Approximately 30,000 German companies under NIS2 must establish whistleblower reporting channels and must meet standards for confidentiality, protection against retaliation, and documentation.
A publicly accessible Elasticsearch server stored 24 billion credentials from infostealer malware collections, placing millions of accounts without MFA at acute risk.
SAE-based safety measures are vulnerable to post-intervention recovery: models can restore suppressed behaviors even when targeted features are controlled.