Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Palo Alto Networks’ Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on seemingly innocuous webpages. “Once loaded in the victim's browser, the initial webpage makes requests for client-side JavaScript to popular and trusted LLM clients (e.g., DeepSeek and Google Gemini, though the PoC could be effective across a number of models),” the researchers write.

Compliance evidence only works if it reflects the current state of the system. At Aikido, we’ve always treated compliance as a byproduct of good security, not a separate exercise teams need to prepare for. That’s why Aikido integrates with multiple compliance platforms. The goal is simple: let teams use the security data generated in Aikido wherever they run their compliance programs, without changing how they work or maintaining parallel processes.

Web shells remain one of the most potent weapons in an adversary’s arsenal, particularly when targeting Linux servers and containers. These malicious scripts serve as powerful remote access tools with capabilities such as process execution, filesystem access, and tunneling of network connections.

Panera Bread is a leading American bakery-café fast casual restaurant chain with over 2,000 locations across the United States and Canada. Founded in 1987 as St. Louis Bread Company in Kirkwood, Missouri, the company has grown into one of the nation's most recognizable fast-casual dining brands. Headquartered in Fenton, Missouri, Panera Bread serves millions of customers with its menu of freshly baked breads, sandwiches, soups, salads, and specialty beverages.

Crunchbase is a leading market intelligence platform that provides comprehensive data on private and public companies worldwide. Founded in 2007 and headquartered in San Francisco, California, the company serves over 80 million users, including investors, sales professionals, entrepreneurs, and business analysts.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! On first glance, a eye watering headline. However it comes down to them leaving credentials in an S3 bucket… It would have happened anyway.

When Gartner introduced Continuous Threat Exposure Management (CTEM) in 2022, it formalized a problem security teams had been struggling with for years: patching large volumes of vulnerabilities was not translating into meaningful risk reduction. CTEM reframed the problem. Instead of measuring progress by the number of CVEs addressed, it shifted focus to whether attackers could actually reach and exploit assets that matter to the business. What Gartner did not provide was a concrete recipe for execution.

On Monday, February 3rd, Snyk Staff Senior Engineer Luca Beurer-Kellner and Senior Incubation Engineer Hemang Sarkar uncovered a massive systemic vulnerability in the ClawHub ecosystem (clawhub.ai). Unlike the malware campaign we reported yesterday involving specific malicious actors, this new finding reveals a broader, perhaps more dangerous trend: widespread insecurity by design. In this write-up, Snyk is presenting Leaky Skills - uncovering exposed and insecure credentials usage in Agent Skills.

The first comprehensive security audit of the Agent Skills ecosystem reveals malware, credential theft, and prompt injection attacks targeting OpenClaw, Claude Code, and Cursor users Agent skills are reusable capability packages that instruct AI agents how to interact with tools, APIs, or system resources—and they're rapidly becoming standard in AI-powered development.