“Shade BIOS” stealth malware hides below operating system
Creates parallel “attacker-exclusive OS”.
Serious path traversal bug found in Microsoft’s NLWeb “Agentic Web” tool
Vulnerability allowed reading of system files and theft of AI LLM API keys.
University of Western Australia resets all staff and student passwords
After ‘data breach’.
Microsoft raises Zero Day Quest bug bounties to US$5 million
Vulnerability finding program targets company’s enterprise offerings.
Confusion reigns as phishers abuse Exchange Online Direct Send
Legitimate feature needs to be secured, but admins aren’t sure how to do it.
“ReVault” firmware flaws allow persistent access in Dell laptops
Over 100 currently supported models at risk.
NSW greenlights central database for compromised IDs
Identity Protection and Recovery Bill passes NSW Parliament
Cloudflare and Perplexity slug it out over alleged AI bot block evasion
Block-busting bot or legitimate AI traffic?
AI coding threatens to make common security flaw more prevalent
IDORs and broken access controls at scale.
Google publishes 20 new vulnerabilities found by its Big Sleep AI
After large-scale run of the agent.