"Encrypt It Already" Campaign Pushes Big Tech to Prioritize E2E Encryption

The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption by default across their services, as privacy concerns mount amid increased AI use.

OpenClaw's Gregarious Insecurities Make Safe Usage Difficult

Malicious "skills" and persnickety configuration settings are just some of the issues that security researchers have found when installing — and removing — the OpenClaw AI assistant.

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

A disconnect exists between the organization's cybersecurity needs and lists like CISA's KEV Catalog. KEV Collider combines data from multiple open source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities.

EnCase Driver Weaponized as EDR Killers Persist

The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it.

Agentic AI Site 'Moltbook' Is Riddled With Security Risks

Someone used AI to build an entire Web platform, which then did something predictable and preventable: It exposed all its data through a publicly accessible API.

Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis

Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.

CISA Makes Unpublicized Ransomware Updates to KEV Catalog

A third of the "flipped" CVEs affected network edge devices, leading one researcher to conclude, "Ransomware operators are building playbooks around your perimeter."