North Korean Graphalgo Campaign Uses Fake Job Tests to Spread Malware Scam

A North Korean attack group is running a scam operation called the Graphalgo, wherein they use fake job schemes to deliver malware.
Security Boulevard

Zero-Knowledge Proofs for Verifiable MCP Tool Execution

Learn how Zero-Knowledge Proofs (ZKP) provide verifiable tool execution for Model Context Protocol (MCP) in a post-quantum world. Secure your AI infrastructure today.
Business Insider

Apiiro Launches Guardian Agent to Enable Zero Vulnerabilities in AI-Generated Code

NEW YORK, Jan. 28, 2026 (GLOBE NEWSWIRE) -- Apiiro, the leader in agentic application security, today announced the launch of Guardian Agent, an AI AppSec agent that introduces a fundamentally new ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...
GitHub

Unofficial Twitter API In Python

This project is an unofficial Python wrapper for the Twitter API, enabling developers to easily access and retrieve data from Twitter without the need for Cookies or Proxies. Sign up for a free ...
Bleeping Computer

IBM warns of critical API Connect auth bypass vulnerability

IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API Connect is an application ...
Forbes

The Future Of API Protection: Why Web And API Security Work Better Together

APIs are powering the new agentic era and underpinning nearly every digital platform from customer apps to back-end integrations. But as they multiply, they are expanding the attack surface ...
The York Dispatch

CoreStack Announces Full Public Release of Graphion(TM) – a Cloud-Native, AI-Native CNAPP Built for Modern Enterprise Security

Graphion constructs a continuously updated, multi-layered graph of the entire cloud ecosystem, mapping code, containers, Kubernetes clusters, APIs, identities, and configurations into a single ...
CSOonline

Hidden API in Comet AI browser raises security red flags for enterprises

SquareX has disclosed a previously undocumented API within the Comet AI browser that allows its embedded extensions to execute arbitrary commands and launch applications — capabilities mainstream ...
Android Authority

Cellebrite leak highlights how much more secure Pixel phones are with GrapheneOS

A leaked Cellebrite chart shows Pixel phones running GrapheneOS largely resist the company’s forensic unlocking tools. The leak came from a private Google Teams call that someone joined and ...