A critical security vulnerability in Oracle’s PeopleSoft software has been linked to a large cyber campaign that may have affected more than 100 organizations, prompting urgent warnings from Oracle and cybersecurity investigators. Oracle issued a security alert for CVE-2026-35273, a critical vulnerability affecting PeopleSoft PeopleTools versions 8.61 and 8.62. The ... Read More

As the competition to lead the AI sector accelerates worldwide, cybersecurity firm CrowdStrike says China-linked threat actors are the dominant source of state-sponsored cyber activity targeting tech companies and their AI assets. According to CrowdStrike’s latest threat intelligence findings, organizations connected to China were responsible for more than 58% of ... Read More

A high-severity Linux kernel vulnerability that allows local users to obtain root privileges has attracted attention because the bug originated from a single misplaced character in the operating system’s code. The flaw, tracked as CVE-2026-23111, affects the nf_tables packet-filtering framework used by Linux firewall deployments. Security researchers say the bug ... Read More

Researchers at the University of Toronto have demonstrated a new form of AI-powered computer worm that can adapt its attacks as it moves through a network, raising concerns that hackers could use freely available AI models to launch autonomous malware campaigns. The research, conducted in a secure and isolated digital ... Read More

Linux kernel maintainers are confronting a new operational problem tied to the rapid adoption of AI-assisted coding tools, as too many people are reporting the same vulnerabilities at the same time. Linus Torvalds, in comments accompanying the fourth release candidate for Linux 7.1, said the kernel project’s private security mailing ... Read More

Akamai Technologies is acquiring Israeli browser security startup LayerX in a $205 million cash deal, a purchase that expands Akamai’s Zero Trust security portfolio into the browser layer. Employees often access generative AI platforms and AI agents directly through browsers, creating new security challenges for IT teams. LayerX develops browser-native ... Read More

A newly disclosed Linux kernel vulnerability is intensifying concerns about the stability of recent kernel security fixes, after researchers revealed a flaw that enables local attackers to obtain root privileges through corruption of page cache memory. The vulnerability, tracked as CVE-2026-46300 and dubbed Fragnesia, affects the Linux kernel’s XFRM ESP-in-TCP ... Read More

Google has debuted an Android security feature called Intrusion Logging that creates persistent forensic records that can be analyzed for signs of compromise. Developed with input from Amnesty International and Reporters Without Borders, it can help investigators detect sophisticated spyware attacks. The tool is aimed primarily at journalists, activists, and ... Read More

A fraudulent AI model posing as an OpenAI release briefly became one of the most downloaded projects on Hugging Face before researchers determined it was distributing credential-stealing malware to Windows systems. The incident demonstrates the growing security risks tied to open AI model repositories and the weak governance around how ... Read More

In a dramatic example of how AI is advancing cybersecurity research, AI-assisted analysis tools helped uncover new vulnerabilities involving PostgreSQL and MariaDB, including flaws that had remained hidden for more than 20 years. Security researchers have disclosed multiple high- and critical-severity long-dormant flaws affecting the two widely used open-source database ... Read More