Author: Robert Timlick

  • Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

    A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions.

    The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring system. It does not have a CVE identifier.

    “The vulnerability allows any authenticated user to achieve remote code execution (RCE) on

  • Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

    Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

    Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware.

    “The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints,” Arctic Wolf said. “Threat actors disguised the credential stealer payload as a Fortinet endpoint

  • Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

    Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

    Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed.

    The development comes after a researcher named Chaotic Eclipse (aka Nightmare-Eclipse) disclosed details of multiple zero-day

  • New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI “Power users”

    New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI “Power users”

    State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily concentrated among a small group of AI power users and a
  • JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

    JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

    A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware.

    “These campaigns leveraged sophisticated social engineering techniques, custom macOS malware, and deep targeting of CI/CD infrastructure,” Wiz researchers Shira Ayal,

  • Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

    Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

    Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively.

    That’s according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as well as mobile users in Brazil.

    The

  • 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

    When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work.

    Across most organizations today, employees are running three to five AI tools on any given day. Most were never reviewed by IT. A significant portion connects

  • GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

    CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions.

    “Since at least early 2025, GlassWorm operators have systematically targeted software developers, a

  • 5 Steps to Managing Shadow AI Tools Without Slowing Down Employees

    When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work.

    Across most organizations today, employees are running three to five AI tools on any given day. Most were never reviewed by IT. A significant portion connects

  • AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

    AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

    Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites.

    “This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations,” Microsoft Defender Experts and the Microsoft