Research Archives

Researchers at Backslash Security pored through update logs for Claude Code, Anthropic’s flagship coding model, finding the company was patching dozens of newly discovered security vulnerabilities in the program between April and early June 2026. (Source: Getty Images)

AI’s constant patching treadmill can be a security problem

The breakneck speed of model releases may be creating short, silent security gaps as developers must choose between performance and security, according to a new report.

12 hours ago By Derek B. Johnson

A hacker with China’s national flag in background. (Getty Images)

Google exposes China espionage group that’s been lurking in networks undetected since 2023

The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications.

2 days ago By Matt Kapko

Anthropic announced the release of two new Mythos-class artificial intelligence models designed for cybersecurity and biomedical research, targeting both consumers and businesses. (Photo by Samuel Boivin/NurPhoto via Getty Images)

Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat

Dozens of practitioners said the decision to place export controls on the foreign use of Fable are misguided, and recent jailbreak reports don’t show the model providing…

2 days ago By Derek B. Johnson

ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw

Oracle still hasn't patched the vulnerability the group has been using in its attacks since late May.

5 days ago By Matt Kapko

Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away

When a researcher went public with Microsoft vulnerabilities, it laid bare a conflict that has never really been solved.

Jun 5, 2026 By Matt Kapko

New research from DTEX details how the increasing integration of AI agents into businesses is making it easier than ever for insiders – malicious or otherwise – to put sensitive data at risk. (Image Source: Getty)

Your AI agent could become your biggest insider threat

New research details how the increasing integration of AI agents into businesses is making it easier than ever for insiders - malicious or otherwise - to put…

Jun 4, 2026 By Derek B. Johnson

Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images)

Attackers are exploiting Palo Alto Networks defect that initially flew under the radar

The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning.

Jun 1, 2026 By Matt Kapko

(Photo by Artur Widak/NurPhoto via Getty Images)

Zapier fixes bug chain that researchers say risked widespread account takeover

A five-step flaw chain in the popular automation service, now patched, could have let a single attacker act as any signed-in user across thousands of connected apps.

May 28, 2026 By Greg Otto

An Apple logo is reflected on glass at the Apple Store at Orchard Road on September 24, 2021 in Singapore. (Photo by Feline Lim/Getty Images)

Apple open-sources quantum-resistant encryption code

The release includes implementations of two quantum-secure algorithms and demonstrates how formal verification caught bugs that traditional testing would have missed.

May 26, 2026 By Greg Otto

FBI warns about fast-growing phishing kit targeting Microsoft 365 users

Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications.

May 22, 2026 By Matt Kapko