%term

Inside the Hidden VM: How Attackers Stay Undetected

Apr 29, 2026 By Sophos In Sophos

Threat actors are getting better at hiding in plain sight through using virtual environments to evade detection and deliver ransomware. New research from Sophos X-Ops reveals an increase in the abuse of QEMU, an open-source emulator, to conceal malicious activity inside virtual machines. While this technique isn’t new, its use for defense evasion is accelerating, making visibility and detection even more challenging for defenders.

View Video

Sophos

Read more about Inside the Hidden VM: How Attackers Stay Undetected

Nine Seconds to Delete a Database: What the PocketOS Incident Teaches Us About AI Agent Privilege Management

Apr 29, 2026 By Gabriel Avner In Apono

There’s never a good time to lose a production database, but losing one to your own AI coding agent on a Friday afternoon has to rank near the bottom of the list. That’s the backdrop to the PocketOS incident, and it’s the clearest case yet for why AI agent security and intent-based access control belong at the top of every cloud security roadmap this year.

Read Post

Apono

Read more about Nine Seconds to Delete a Database: What the PocketOS Incident Teaches Us About AI Agent Privilege Management

How Zero Standing Privileges Defuses the Shadow AI Agent Problem

Apr 29, 2026 By Gabriel Avner In Apono

As more organizations move past experimentation and start planning real AI agent deployments, the same set of concerns keeps surfacing in our conversations with security teams. Whether the worry is a shadow agent that shows up uninvited or a sanctioned agent going rogue, the questions tend to cluster around control: These are the right questions to be asking, and they share a common answer that’s more concrete than most people expect. AI agents are only as dangerous as the privileges they can reach.

Read Post

Apono

Read more about How Zero Standing Privileges Defuses the Shadow AI Agent Problem

Cato CTRL Threat Research: New Vulnerabilities in NVIDIA NeMo and Meta PyTorch Enable Full System Compromise

Apr 29, 2026 By Inga Cherny In Cato Networks

Cato CTRL has discovered high-severity vulnerabilities in NVIDIA NeMo (CVE-2025-33236 with a CVSS score of 7.8) and Meta PyTorch that turns AI model files into remote code execution (RCE) vectors. The NeMo vulnerability allows RCE by importing a malicious AI model. The NeMo framework silently executes threat actor-controlled code with no warning.

Read Post

Cato Networks

Read more about Cato CTRL Threat Research: New Vulnerabilities in NVIDIA NeMo and Meta PyTorch Enable Full System Compromise

Tanium Basics - Grouping With Intent - Tanium Tech Talks #160

Apr 29, 2026 By Tanium In Tanium

Computer groups are Tanium's unsung heroes. They answer the "who" behind every deployment, patch, and policy. In this Tanium Basics episode, we break down how to build, use, and think about Computer Groups.

View Video

Tanium

Security

Read more about Tanium Basics - Grouping With Intent - Tanium Tech Talks #160

Emerging Threat: (CVE-2026-3854) GitHub Enterprise Server RCE via Git Push Injection

Apr 29, 2026 By Igal Zeifman In CyCognito

CVE-2026-3854 is a command injection vulnerability in GitHub Enterprise Server. It lives in the git push pipeline. User-supplied push option values were not properly sanitized before being embedded in an internal service header. The header format used a delimiter that could also appear in user input. A crafted push option containing that delimiter let an attacker inject additional metadata fields. Downstream services treated those fields as trusted internal values.

Read Post

CyCognito

Read more about Emerging Threat: (CVE-2026-3854) GitHub Enterprise Server RCE via Git Push Injection

What Real AI Security Incidents Reveal About Today's Risks

Apr 29, 2026 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about What Real AI Security Incidents Reveal About Today's Risks

This Is How Red Teams Actually Use AI Security Data #aisecurity #redteam #threatintelligence

Apr 29, 2026 By Razorthorn Security In Razorthorn

The volume of AI security research is now too high for any human to track properly by hand. The practical answer is using AI to filter AI, reducing hundreds of articles and reports into a daily shortlist so analysts spend their time on signal instead of noise.

View Video

Razorthorn

Read more about This Is How Red Teams Actually Use AI Security Data #aisecurity #redteam #threatintelligence

Why banks are adopting blockchain infrastructure now

Apr 29, 2026 By Fireblocks In Fireblocks

Fireblocks now supports 95 banks globally, and the adoption curve is accelerating. In this clip from the Banking Bootcamp, Financial Markets Economist Neil Chopra explains what's driving the shift: regulatory clarity, proven utility, and infrastructure that plugs into how banks already operate. This is Episode 1 of the Banking Bootcamp, a three-part series produced in partnership with American Banker.

View Video

Fireblocks

Read more about Why banks are adopting blockchain infrastructure now

A Mini Shai-Hulud Targeting the SAP Ecosystem

Apr 29, 2026 By Guillaume Valadon In GitGuardian

7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP's Node.js packages — and it's still active. Here's what GitGuardian found.

Read Post