MY TAKE: Black Hat 2025 vendors define early contours for a hard pivot to AI security architecture
Black Hat USA 2025 concluded amid a noticeable shift in tone. Compared to prior years, the discussions were more grounded, and the stakes more clearly defined. Related: GenAI security gaps few see While generative AI remained the central theme, what stood out was the growing consensus that the security community must now contend with a
Over 29,000 Exchange servers unpatched against high-severity flaw
Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise.
Attention sur la route des vacances, l’arnaque au « péage Ulys » reprend de plus belle
Cet été 2025, les automobilistes français doivent faire face à un nouveau piège sur la route des vacances : les faux SMS et mail Ulys. Depuis la mise en place du péage en flux libre, les cybercriminels profitent du flou qui entoure ce nouveau procédé pour arnaquer les voyageurs. Depuis le début de l’été, au moins
Connex Credit Union data breach impacts 172,000 members
Connex, one of Connecticut's largest credit unions, warned tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June.
Google Calendar invites let researchers hijack Gemini to leak user data
Google fixed a bug that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on the target's device and leak sensitive user data.
Sam Altman overhyped GPT-5 and the results are underwhelming. Some users are upset with GPT-5's new personality, but you can restore GPT-4o if you pay for the Plus plan.
Une menace persistante avancée (MPA), ou Advanced Persistent Threat (APT), est une cyberattaque à la fois sophistiquée, discrète et prolongée dans le temps. Elle nécessite des moyens financiers et techniques colossaux, et cible souvent les secteurs les plus sensibles pour espionner, saboter ou dérober des données. En
Google confirms data breach exposed potential Google Ads customers' info
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers.
ReVault! When your SoC turns against you… deep dive edition
Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”.
DARPA announces $4 million winner of AI code review competition at DEF CON
The winner announced on Friday at the DEF CON cybersecurity conference, known as Team Atlanta, is composed of tech experts from Georgia Tech, Samsung Research, the Korea Advanced Institute of Science & Technology (KAIST) and the Pohang University of Science and Technology (POSTECH).