AI-related data breaches surging Hackers are increasingly using AI to detect software vulnerabilities, which has shortened the time that targets have to respond to threats, Verizon said in an annual report tracking data breaches. Verizon said using software flaws in data surpassed stolen credentials for the first time. It said in a review of more than 31,000 incidents, 31% of ...

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit https://firewall.firm.in/wp-content/uploads/2026/05/marimo.png Ravie LakshmananMay 29, 2026Vulnerability / Artificial Intelligence An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability. “The attacker compromised an internet-reachable Marimo notebook ...

Anthropic AI model finds over 10,000 critical bugs across open-source software projects https://etimg.etb2bimg.com/thumb/msid-131316898,imgsize-83812,width-1200,height=627,overlay-etciso,resizemode-75/vulnerabilities-exploits/anthropic-ai-model-finds-over-10000-critical-bugs-across-open-source-software-projects.jpg Anthropic has shared the first major results from Project Glasswing, a restricted cybersecurity initiative that gives select organisations access to its new AI model, Mythos Preview. The company said the model has already identified more than 10,000 high- or critical-severity software vulnerabilities across widely used systems. The ...

Rethinking enterprise security for a sovereign, agentic world, ETCISO In 2026, the rise of agentic AI and the growing imperative for digital sovereignty are redefining the enterprise security landscape in India. As AI adoption accelerates across the nation’s key industries, the real challenge for enterprises is not just about defending themselves against new threats but about maintaining control, resilience, and ...

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE https://firewall.firm.in/wp-content/uploads/2026/05/nginx.jpg Ravie LakshmananMay 17, 2026Server Security / Vulnerability A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow ...

Researchers use Anthropic Mythos find flaws in Apple security; ‘hack’ MacOS https://etimg.etb2bimg.com/thumb/msid-131114400,imgsize-1285067,width-1200,height=627,overlay-etciso,resizemode-75/vulnerabilities-exploits/researchers-use-anthropic-mythos-find-flaws-in-apple-security-hack-macos.jpg Anthropic’s Mythos AI, a tool that has already rattled the tech and financial sectors by exposing widespread software vulnerabilities, has now successfully ‘hacked’ macOS, which is regarded as one of the most secure operating systems in the world. According to a report by The Wall Street Journal, researchers ...

How Google may have confirmed Anthropic’s Mythos fears that sent shock waves across banks and financial institutions   Google’s Threat Intelligence Group (GTIG) recently revealed that it successfully blocked a massive cyberattack where criminals used artificial intelligence (AI) to discover and weaponise a previously unknown software flaw. Google’s message is clear: The era of the ‘AI-powered hacker’ has officially arrived. ...

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms https://firewall.firm.in/wp-content/uploads/2026/05/banking.jpg Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that’s capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick, ...

Why identity is now a legal control plane, not just a cybersecurity function, says cyber law expert Karnnika Seth https://etimg.etb2bimg.com/thumb/msid-130956637,imgsize-59340,width-1200,height=627,overlay-etciso,resizemode-75/identity-access-management/the-evolving-role-of-identity-in-cyber-law-insights-from-expert-karnnika-seth.jpg As AI, digital platforms, fintech systems and autonomous agents reshape how identities are created, used and misused, identity access management has become a core legal and regulatory issue for enterprises, Dr. Karnnika A Seth, Cyber Law Expert, DRDO, Ministry of ...

Reggie Townsend, VP, Data Ethics, SAS, ETCISO Reggie Townsend has spent years making the uncomfortable case that ethical AI is not a brake on progress but the very precondition for it. As agentic systems move from concept to commercial deployment — taking decisions, triggering workflows, and acting on behalf of businesses without moment-to-moment human oversight — the stakes of getting ...