Security
* A malicious Visual Studio Code extension named "susvsex" was discovered with built-in ransomware capabilities, likely created with AI assistance. * Separately, security researchers unearthed 17 trojanized npm packages that deploy the Vidar information-stealing malware, downloaded over 2,240 times. * Both threats have been removed from their respective platforms, but
Security
* SentinelOne has unveiled a major suite of new AI-powered security products at its OneCon 2025 event in Las Vegas. * The company announced significant new partnerships and integrations with cloud giants Amazon Web Services (AWS) and Google Cloud. * New offerings include the Wayfinder Threat Detection & Response suite and enhanced capabilities
Security
* Massive Scale: Over 10.5 million individuals have been impacted by a significant data breach at the business services provider Conduent. * Sensitive Data Compromised: Stolen information includes highly personal details such as names, Social Security numbers, addresses, health insurance details, and private medical information. * Eighth-Largest Breach: The incident is now
Security
* Attackers are actively exploiting a critical vulnerability (CVE-2023-20198) in unpatched Cisco IOS XE devices. * A malware implant named “BADCANDY” is being deployed, which can be reinstalled by attackers even after an infected device is rebooted. * Australia’s Signals Directorate (ASD) has issued an urgent advisory, stating that rebooting is an
Security
* OpenAI has launched Aardvark, an AI-powered "agentic security researcher" designed to autonomously find and fix software vulnerabilities. * Powered by the yet-to-be-released GPT-5, the tool has already identified numerous critical flaws, leading to 10 official Common Vulnerabilities and Exposures (CVE) identifiers. * Unlike traditional scanners, Aardvark mimics a human researcher